FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-4980

This CVE name corresponds to:

Entered Topic
2006-10-07 python -- buffer overrun in repr() for unicode strings

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2006-4980 at cve.mitre.org

Details

Type Candidate
Name CVE-2006-4980
Phase Assigned(20060925)

Description

Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts.

References

Source Reference
BUGTRAQ 20061011 rPSA-2006-0187-1 idle python
BUGTRAQ 20070110 VMware ESX server security updates
CONFIRM http://sourceforge.net/tracker/index.php?func=detail&aid=1541585&group_id=5470&atid=305470
CONFIRM http://zoehep.xent.com/~bsittler/python2.4-2.4.3_unicodeobject.c.diff
CONFIRM https://launchpad.net/distros/ubuntu/+source/python2.4/+bug/56633
CONFIRM http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=208162
CONFIRM https://issues.rpath.com/browse/RPL-702
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-229.htm
CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=391589
CONFIRM http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
CONFIRM http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
CONFIRM http://kb.vmware.com/KanisaPlatform/Publishing/882/5120103_f.SAL_Public.html
DEBIAN DSA-1197
DEBIAN DSA-1198
GENTOO GLSA-200610-07
MANDRIVA MDKSA-2006:181
REDHAT RHSA-2006:0713
REDHAT RHSA-2008:0629
SGI 20061001-01-P
SUSE SUSE-SR:2006:025
UBUNTU USN-359-1
BID 20376
OVAL oval:org.mitre.oval:def:10789
VUPEN ADV-2006-3940
VUPEN ADV-2006-5131
SECTRACK 1017019
SECUNIA 22276
SECUNIA 22303
SECUNIA 22357
SECUNIA 22297
SECUNIA 22358
SECUNIA 22379
SECUNIA 22448
SECUNIA 22512
SECUNIA 22531
SECUNIA 22639
SECUNIA 22487
SECUNIA 23680
SECUNIA 31492
XF python-repr-bo(29408)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.