csaf_redhat - rhsa-2007

rhsa-2007_1077

Vulnerability from csaf_redhat

Published

2007-12-10 17:57

Modified

2024-09-15 17:02

Summary

Red Hat Security Advisory: python security update

Notes

Topic

Updated python packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

Details

Python is an interpreted, interactive, object-oriented programming language. An integer overflow flaw was discovered in the way Python's pcre module handled certain regular expressions. If a Python application used the pcre module to compile and execute untrusted regular expressions, it may be possible to cause the application to crash, or allow arbitrary code execution with the privileges of the Python interpreter. (CVE-2006-7228) A flaw was discovered in the strxfrm() function of Python's locale module. Strings generated by this function were not properly NULL-terminated, which could possibly cause disclosure of data stored in the memory of a Python application using this function. (CVE-2007-2052) Users of Python are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated python packages that fix several security issues are now available\nfor Red Hat Enterprise Linux 2.1.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Python is an interpreted, interactive, object-oriented programming\nlanguage.\n\nAn integer overflow flaw was discovered in the way Python\u0027s pcre module\nhandled certain regular expressions. If a Python application used the pcre\nmodule to compile and execute untrusted regular expressions, it may be\npossible to cause the application to crash, or allow arbitrary code\nexecution with the privileges of the Python interpreter. (CVE-2006-7228)\n\nA flaw was discovered in the strxfrm() function of Python\u0027s locale module.\nStrings generated by this function were not properly NULL-terminated, which\ncould possibly cause disclosure of data stored in the memory of a Python\napplication using this function. (CVE-2007-2052)\n\nUsers of Python are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2007:1077",
        "url": "https://access.redhat.com/errata/RHSA-2007:1077"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "235093",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=235093"
      },
      {
        "category": "external",
        "summary": "383371",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=383371"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2007/rhsa-2007_1077.json"
      }
    ],
    "title": "Red Hat Security Advisory: python security update",
    "tracking": {
      "current_release_date": "2024-09-15T17:02:57+00:00",
      "generator": {
        "date": "2024-09-15T17:02:57+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "3.33.3"
        }
      },
      "id": "RHSA-2007:1077",
      "initial_release_date": "2007-12-10T17:57:00+00:00",
      "revision_history": [
        {
          "date": "2007-12-10T17:57:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2007-12-10T12:57:16+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-09-15T17:02:57+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
                "product": {
                  "name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
                  "product_id": "2.1AS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:2.1::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux Advanced Workstation 2.1",
                "product": {
                  "name": "Red Hat Linux Advanced Workstation 2.1",
                  "product_id": "2.1AW",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:2.1::aw"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 2.1",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 2.1",
                  "product_id": "2.1ES",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:2.1::es"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 2.1",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 2.1",
                  "product_id": "2.1WS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:2.1::ws"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tkinter-0:1.5.2-43.72.2.ia64",
                "product": {
                  "name": "tkinter-0:1.5.2-43.72.2.ia64",
                  "product_id": "tkinter-0:1.5.2-43.72.2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tkinter@1.5.2-43.72.2?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python-0:1.5.2-43.72.2.ia64",
                "product": {
                  "name": "python-0:1.5.2-43.72.2.ia64",
                  "product_id": "python-0:1.5.2-43.72.2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python@1.5.2-43.72.2?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python-tools-0:1.5.2-43.72.2.ia64",
                "product": {
                  "name": "python-tools-0:1.5.2-43.72.2.ia64",
                  "product_id": "python-tools-0:1.5.2-43.72.2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python-tools@1.5.2-43.72.2?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python-devel-0:1.5.2-43.72.2.ia64",
                "product": {
                  "name": "python-devel-0:1.5.2-43.72.2.ia64",
                  "product_id": "python-devel-0:1.5.2-43.72.2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python-devel@1.5.2-43.72.2?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python-docs-0:1.5.2-43.72.2.ia64",
                "product": {
                  "name": "python-docs-0:1.5.2-43.72.2.ia64",
                  "product_id": "python-docs-0:1.5.2-43.72.2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python-docs@1.5.2-43.72.2?arch=ia64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python-0:1.5.2-43.72.2.src",
                "product": {
                  "name": "python-0:1.5.2-43.72.2.src",
                  "product_id": "python-0:1.5.2-43.72.2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python@1.5.2-43.72.2?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tkinter-0:1.5.2-43.72.2.i386",
                "product": {
                  "name": "tkinter-0:1.5.2-43.72.2.i386",
                  "product_id": "tkinter-0:1.5.2-43.72.2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tkinter@1.5.2-43.72.2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python-0:1.5.2-43.72.2.i386",
                "product": {
                  "name": "python-0:1.5.2-43.72.2.i386",
                  "product_id": "python-0:1.5.2-43.72.2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python@1.5.2-43.72.2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python-tools-0:1.5.2-43.72.2.i386",
                "product": {
                  "name": "python-tools-0:1.5.2-43.72.2.i386",
                  "product_id": "python-tools-0:1.5.2-43.72.2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python-tools@1.5.2-43.72.2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python-devel-0:1.5.2-43.72.2.i386",
                "product": {
                  "name": "python-devel-0:1.5.2-43.72.2.i386",
                  "product_id": "python-devel-0:1.5.2-43.72.2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python-devel@1.5.2-43.72.2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python-docs-0:1.5.2-43.72.2.i386",
                "product": {
                  "name": "python-docs-0:1.5.2-43.72.2.i386",
                  "product_id": "python-docs-0:1.5.2-43.72.2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python-docs@1.5.2-43.72.2?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-0:1.5.2-43.72.2.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "product_id": "2.1AS:python-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "python-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-0:1.5.2-43.72.2.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "product_id": "2.1AS:python-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "python-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-0:1.5.2-43.72.2.src as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "product_id": "2.1AS:python-0:1.5.2-43.72.2.src"
        },
        "product_reference": "python-0:1.5.2-43.72.2.src",
        "relates_to_product_reference": "2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-devel-0:1.5.2-43.72.2.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "product_id": "2.1AS:python-devel-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "python-devel-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-devel-0:1.5.2-43.72.2.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "product_id": "2.1AS:python-devel-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "python-devel-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-docs-0:1.5.2-43.72.2.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "product_id": "2.1AS:python-docs-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "python-docs-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-docs-0:1.5.2-43.72.2.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "product_id": "2.1AS:python-docs-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "python-docs-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-tools-0:1.5.2-43.72.2.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "product_id": "2.1AS:python-tools-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "python-tools-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-tools-0:1.5.2-43.72.2.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "product_id": "2.1AS:python-tools-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "python-tools-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tkinter-0:1.5.2-43.72.2.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "product_id": "2.1AS:tkinter-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "tkinter-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tkinter-0:1.5.2-43.72.2.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "product_id": "2.1AS:tkinter-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "tkinter-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-0:1.5.2-43.72.2.i386 as a component of Red Hat Linux Advanced Workstation 2.1",
          "product_id": "2.1AW:python-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "python-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1AW"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-0:1.5.2-43.72.2.ia64 as a component of Red Hat Linux Advanced Workstation 2.1",
          "product_id": "2.1AW:python-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "python-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1AW"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-0:1.5.2-43.72.2.src as a component of Red Hat Linux Advanced Workstation 2.1",
          "product_id": "2.1AW:python-0:1.5.2-43.72.2.src"
        },
        "product_reference": "python-0:1.5.2-43.72.2.src",
        "relates_to_product_reference": "2.1AW"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-devel-0:1.5.2-43.72.2.i386 as a component of Red Hat Linux Advanced Workstation 2.1",
          "product_id": "2.1AW:python-devel-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "python-devel-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1AW"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-devel-0:1.5.2-43.72.2.ia64 as a component of Red Hat Linux Advanced Workstation 2.1",
          "product_id": "2.1AW:python-devel-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "python-devel-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1AW"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-docs-0:1.5.2-43.72.2.i386 as a component of Red Hat Linux Advanced Workstation 2.1",
          "product_id": "2.1AW:python-docs-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "python-docs-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1AW"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-docs-0:1.5.2-43.72.2.ia64 as a component of Red Hat Linux Advanced Workstation 2.1",
          "product_id": "2.1AW:python-docs-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "python-docs-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1AW"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-tools-0:1.5.2-43.72.2.i386 as a component of Red Hat Linux Advanced Workstation 2.1",
          "product_id": "2.1AW:python-tools-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "python-tools-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1AW"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-tools-0:1.5.2-43.72.2.ia64 as a component of Red Hat Linux Advanced Workstation 2.1",
          "product_id": "2.1AW:python-tools-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "python-tools-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1AW"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tkinter-0:1.5.2-43.72.2.i386 as a component of Red Hat Linux Advanced Workstation 2.1",
          "product_id": "2.1AW:tkinter-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "tkinter-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1AW"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tkinter-0:1.5.2-43.72.2.ia64 as a component of Red Hat Linux Advanced Workstation 2.1",
          "product_id": "2.1AW:tkinter-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "tkinter-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1AW"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-0:1.5.2-43.72.2.i386 as a component of Red Hat Enterprise Linux ES version 2.1",
          "product_id": "2.1ES:python-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "python-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-0:1.5.2-43.72.2.ia64 as a component of Red Hat Enterprise Linux ES version 2.1",
          "product_id": "2.1ES:python-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "python-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-0:1.5.2-43.72.2.src as a component of Red Hat Enterprise Linux ES version 2.1",
          "product_id": "2.1ES:python-0:1.5.2-43.72.2.src"
        },
        "product_reference": "python-0:1.5.2-43.72.2.src",
        "relates_to_product_reference": "2.1ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-devel-0:1.5.2-43.72.2.i386 as a component of Red Hat Enterprise Linux ES version 2.1",
          "product_id": "2.1ES:python-devel-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "python-devel-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-devel-0:1.5.2-43.72.2.ia64 as a component of Red Hat Enterprise Linux ES version 2.1",
          "product_id": "2.1ES:python-devel-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "python-devel-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-docs-0:1.5.2-43.72.2.i386 as a component of Red Hat Enterprise Linux ES version 2.1",
          "product_id": "2.1ES:python-docs-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "python-docs-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-docs-0:1.5.2-43.72.2.ia64 as a component of Red Hat Enterprise Linux ES version 2.1",
          "product_id": "2.1ES:python-docs-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "python-docs-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-tools-0:1.5.2-43.72.2.i386 as a component of Red Hat Enterprise Linux ES version 2.1",
          "product_id": "2.1ES:python-tools-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "python-tools-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-tools-0:1.5.2-43.72.2.ia64 as a component of Red Hat Enterprise Linux ES version 2.1",
          "product_id": "2.1ES:python-tools-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "python-tools-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tkinter-0:1.5.2-43.72.2.i386 as a component of Red Hat Enterprise Linux ES version 2.1",
          "product_id": "2.1ES:tkinter-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "tkinter-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tkinter-0:1.5.2-43.72.2.ia64 as a component of Red Hat Enterprise Linux ES version 2.1",
          "product_id": "2.1ES:tkinter-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "tkinter-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-0:1.5.2-43.72.2.i386 as a component of Red Hat Enterprise Linux WS version 2.1",
          "product_id": "2.1WS:python-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "python-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-0:1.5.2-43.72.2.ia64 as a component of Red Hat Enterprise Linux WS version 2.1",
          "product_id": "2.1WS:python-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "python-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-0:1.5.2-43.72.2.src as a component of Red Hat Enterprise Linux WS version 2.1",
          "product_id": "2.1WS:python-0:1.5.2-43.72.2.src"
        },
        "product_reference": "python-0:1.5.2-43.72.2.src",
        "relates_to_product_reference": "2.1WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-devel-0:1.5.2-43.72.2.i386 as a component of Red Hat Enterprise Linux WS version 2.1",
          "product_id": "2.1WS:python-devel-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "python-devel-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-devel-0:1.5.2-43.72.2.ia64 as a component of Red Hat Enterprise Linux WS version 2.1",
          "product_id": "2.1WS:python-devel-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "python-devel-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-docs-0:1.5.2-43.72.2.i386 as a component of Red Hat Enterprise Linux WS version 2.1",
          "product_id": "2.1WS:python-docs-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "python-docs-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-docs-0:1.5.2-43.72.2.ia64 as a component of Red Hat Enterprise Linux WS version 2.1",
          "product_id": "2.1WS:python-docs-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "python-docs-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-tools-0:1.5.2-43.72.2.i386 as a component of Red Hat Enterprise Linux WS version 2.1",
          "product_id": "2.1WS:python-tools-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "python-tools-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-tools-0:1.5.2-43.72.2.ia64 as a component of Red Hat Enterprise Linux WS version 2.1",
          "product_id": "2.1WS:python-tools-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "python-tools-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tkinter-0:1.5.2-43.72.2.i386 as a component of Red Hat Enterprise Linux WS version 2.1",
          "product_id": "2.1WS:tkinter-0:1.5.2-43.72.2.i386"
        },
        "product_reference": "tkinter-0:1.5.2-43.72.2.i386",
        "relates_to_product_reference": "2.1WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tkinter-0:1.5.2-43.72.2.ia64 as a component of Red Hat Enterprise Linux WS version 2.1",
          "product_id": "2.1WS:tkinter-0:1.5.2-43.72.2.ia64"
        },
        "product_reference": "tkinter-0:1.5.2-43.72.2.ia64",
        "relates_to_product_reference": "2.1WS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2006-7228",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2007-11-08T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "383371"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an incorrect length calculation and trigger a buffer overflow, a different vulnerability than CVE-2006-7227.  NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pcre integer overflow",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "2.1AS:python-0:1.5.2-43.72.2.i386",
          "2.1AS:python-0:1.5.2-43.72.2.ia64",
          "2.1AS:python-0:1.5.2-43.72.2.src",
          "2.1AS:python-devel-0:1.5.2-43.72.2.i386",
          "2.1AS:python-devel-0:1.5.2-43.72.2.ia64",
          "2.1AS:python-docs-0:1.5.2-43.72.2.i386",
          "2.1AS:python-docs-0:1.5.2-43.72.2.ia64",
          "2.1AS:python-tools-0:1.5.2-43.72.2.i386",
          "2.1AS:python-tools-0:1.5.2-43.72.2.ia64",
          "2.1AS:tkinter-0:1.5.2-43.72.2.i386",
          "2.1AS:tkinter-0:1.5.2-43.72.2.ia64",
          "2.1AW:python-0:1.5.2-43.72.2.i386",
          "2.1AW:python-0:1.5.2-43.72.2.ia64",
          "2.1AW:python-0:1.5.2-43.72.2.src",
          "2.1AW:python-devel-0:1.5.2-43.72.2.i386",
          "2.1AW:python-devel-0:1.5.2-43.72.2.ia64",
          "2.1AW:python-docs-0:1.5.2-43.72.2.i386",
          "2.1AW:python-docs-0:1.5.2-43.72.2.ia64",
          "2.1AW:python-tools-0:1.5.2-43.72.2.i386",
          "2.1AW:python-tools-0:1.5.2-43.72.2.ia64",
          "2.1AW:tkinter-0:1.5.2-43.72.2.i386",
          "2.1AW:tkinter-0:1.5.2-43.72.2.ia64",
          "2.1ES:python-0:1.5.2-43.72.2.i386",
          "2.1ES:python-0:1.5.2-43.72.2.ia64",
          "2.1ES:python-0:1.5.2-43.72.2.src",
          "2.1ES:python-devel-0:1.5.2-43.72.2.i386",
          "2.1ES:python-devel-0:1.5.2-43.72.2.ia64",
          "2.1ES:python-docs-0:1.5.2-43.72.2.i386",
          "2.1ES:python-docs-0:1.5.2-43.72.2.ia64",
          "2.1ES:python-tools-0:1.5.2-43.72.2.i386",
          "2.1ES:python-tools-0:1.5.2-43.72.2.ia64",
          "2.1ES:tkinter-0:1.5.2-43.72.2.i386",
          "2.1ES:tkinter-0:1.5.2-43.72.2.ia64",
          "2.1WS:python-0:1.5.2-43.72.2.i386",
          "2.1WS:python-0:1.5.2-43.72.2.ia64",
          "2.1WS:python-0:1.5.2-43.72.2.src",
          "2.1WS:python-devel-0:1.5.2-43.72.2.i386",
          "2.1WS:python-devel-0:1.5.2-43.72.2.ia64",
          "2.1WS:python-docs-0:1.5.2-43.72.2.i386",
          "2.1WS:python-docs-0:1.5.2-43.72.2.ia64",
          "2.1WS:python-tools-0:1.5.2-43.72.2.i386",
          "2.1WS:python-tools-0:1.5.2-43.72.2.ia64",
          "2.1WS:tkinter-0:1.5.2-43.72.2.i386",
          "2.1WS:tkinter-0:1.5.2-43.72.2.ia64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2006-7228"
        },
        {
          "category": "external",
          "summary": "RHBZ#383371",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=383371"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2006-7228",
          "url": "https://www.cve.org/CVERecord?id=CVE-2006-7228"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-7228",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-7228"
        }
      ],
      "release_date": "2007-11-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.  \n\nThis update is available via Red Hat Network.  Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "2.1AS:python-0:1.5.2-43.72.2.i386",
            "2.1AS:python-0:1.5.2-43.72.2.ia64",
            "2.1AS:python-0:1.5.2-43.72.2.src",
            "2.1AS:python-devel-0:1.5.2-43.72.2.i386",
            "2.1AS:python-devel-0:1.5.2-43.72.2.ia64",
            "2.1AS:python-docs-0:1.5.2-43.72.2.i386",
            "2.1AS:python-docs-0:1.5.2-43.72.2.ia64",
            "2.1AS:python-tools-0:1.5.2-43.72.2.i386",
            "2.1AS:python-tools-0:1.5.2-43.72.2.ia64",
            "2.1AS:tkinter-0:1.5.2-43.72.2.i386",
            "2.1AS:tkinter-0:1.5.2-43.72.2.ia64",
            "2.1AW:python-0:1.5.2-43.72.2.i386",
            "2.1AW:python-0:1.5.2-43.72.2.ia64",
            "2.1AW:python-0:1.5.2-43.72.2.src",
            "2.1AW:python-devel-0:1.5.2-43.72.2.i386",
            "2.1AW:python-devel-0:1.5.2-43.72.2.ia64",
            "2.1AW:python-docs-0:1.5.2-43.72.2.i386",
            "2.1AW:python-docs-0:1.5.2-43.72.2.ia64",
            "2.1AW:python-tools-0:1.5.2-43.72.2.i386",
            "2.1AW:python-tools-0:1.5.2-43.72.2.ia64",
            "2.1AW:tkinter-0:1.5.2-43.72.2.i386",
            "2.1AW:tkinter-0:1.5.2-43.72.2.ia64",
            "2.1ES:python-0:1.5.2-43.72.2.i386",
            "2.1ES:python-0:1.5.2-43.72.2.ia64",
            "2.1ES:python-0:1.5.2-43.72.2.src",
            "2.1ES:python-devel-0:1.5.2-43.72.2.i386",
            "2.1ES:python-devel-0:1.5.2-43.72.2.ia64",
            "2.1ES:python-docs-0:1.5.2-43.72.2.i386",
            "2.1ES:python-docs-0:1.5.2-43.72.2.ia64",
            "2.1ES:python-tools-0:1.5.2-43.72.2.i386",
            "2.1ES:python-tools-0:1.5.2-43.72.2.ia64",
            "2.1ES:tkinter-0:1.5.2-43.72.2.i386",
            "2.1ES:tkinter-0:1.5.2-43.72.2.ia64",
            "2.1WS:python-0:1.5.2-43.72.2.i386",
            "2.1WS:python-0:1.5.2-43.72.2.ia64",
            "2.1WS:python-0:1.5.2-43.72.2.src",
            "2.1WS:python-devel-0:1.5.2-43.72.2.i386",
            "2.1WS:python-devel-0:1.5.2-43.72.2.ia64",
            "2.1WS:python-docs-0:1.5.2-43.72.2.i386",
            "2.1WS:python-docs-0:1.5.2-43.72.2.ia64",
            "2.1WS:python-tools-0:1.5.2-43.72.2.i386",
            "2.1WS:python-tools-0:1.5.2-43.72.2.ia64",
            "2.1WS:tkinter-0:1.5.2-43.72.2.i386",
            "2.1WS:tkinter-0:1.5.2-43.72.2.ia64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2007:1077"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "pcre integer overflow"
    },
    {
      "cve": "CVE-2007-2052",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "discovery_date": "2007-04-02T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "235093"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "python off-by-one locale.strxfrm() (possible memory disclosure)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here:\nhttps://access.redhat.com/security/updates/classification/",
          "title": "Statement"
        }
      ],
      "product_status": {
        "fixed": [
          "2.1AS:python-0:1.5.2-43.72.2.i386",
          "2.1AS:python-0:1.5.2-43.72.2.ia64",
          "2.1AS:python-0:1.5.2-43.72.2.src",
          "2.1AS:python-devel-0:1.5.2-43.72.2.i386",
          "2.1AS:python-devel-0:1.5.2-43.72.2.ia64",
          "2.1AS:python-docs-0:1.5.2-43.72.2.i386",
          "2.1AS:python-docs-0:1.5.2-43.72.2.ia64",
          "2.1AS:python-tools-0:1.5.2-43.72.2.i386",
          "2.1AS:python-tools-0:1.5.2-43.72.2.ia64",
          "2.1AS:tkinter-0:1.5.2-43.72.2.i386",
          "2.1AS:tkinter-0:1.5.2-43.72.2.ia64",
          "2.1AW:python-0:1.5.2-43.72.2.i386",
          "2.1AW:python-0:1.5.2-43.72.2.ia64",
          "2.1AW:python-0:1.5.2-43.72.2.src",
          "2.1AW:python-devel-0:1.5.2-43.72.2.i386",
          "2.1AW:python-devel-0:1.5.2-43.72.2.ia64",
          "2.1AW:python-docs-0:1.5.2-43.72.2.i386",
          "2.1AW:python-docs-0:1.5.2-43.72.2.ia64",
          "2.1AW:python-tools-0:1.5.2-43.72.2.i386",
          "2.1AW:python-tools-0:1.5.2-43.72.2.ia64",
          "2.1AW:tkinter-0:1.5.2-43.72.2.i386",
          "2.1AW:tkinter-0:1.5.2-43.72.2.ia64",
          "2.1ES:python-0:1.5.2-43.72.2.i386",
          "2.1ES:python-0:1.5.2-43.72.2.ia64",
          "2.1ES:python-0:1.5.2-43.72.2.src",
          "2.1ES:python-devel-0:1.5.2-43.72.2.i386",
          "2.1ES:python-devel-0:1.5.2-43.72.2.ia64",
          "2.1ES:python-docs-0:1.5.2-43.72.2.i386",
          "2.1ES:python-docs-0:1.5.2-43.72.2.ia64",
          "2.1ES:python-tools-0:1.5.2-43.72.2.i386",
          "2.1ES:python-tools-0:1.5.2-43.72.2.ia64",
          "2.1ES:tkinter-0:1.5.2-43.72.2.i386",
          "2.1ES:tkinter-0:1.5.2-43.72.2.ia64",
          "2.1WS:python-0:1.5.2-43.72.2.i386",
          "2.1WS:python-0:1.5.2-43.72.2.ia64",
          "2.1WS:python-0:1.5.2-43.72.2.src",
          "2.1WS:python-devel-0:1.5.2-43.72.2.i386",
          "2.1WS:python-devel-0:1.5.2-43.72.2.ia64",
          "2.1WS:python-docs-0:1.5.2-43.72.2.i386",
          "2.1WS:python-docs-0:1.5.2-43.72.2.ia64",
          "2.1WS:python-tools-0:1.5.2-43.72.2.i386",
          "2.1WS:python-tools-0:1.5.2-43.72.2.ia64",
          "2.1WS:tkinter-0:1.5.2-43.72.2.i386",
          "2.1WS:tkinter-0:1.5.2-43.72.2.ia64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2007-2052"
        },
        {
          "category": "external",
          "summary": "RHBZ#235093",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=235093"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2007-2052",
          "url": "https://www.cve.org/CVERecord?id=CVE-2007-2052"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-2052",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2052"
        }
      ],
      "release_date": "2007-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.  \n\nThis update is available via Red Hat Network.  Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "2.1AS:python-0:1.5.2-43.72.2.i386",
            "2.1AS:python-0:1.5.2-43.72.2.ia64",
            "2.1AS:python-0:1.5.2-43.72.2.src",
            "2.1AS:python-devel-0:1.5.2-43.72.2.i386",
            "2.1AS:python-devel-0:1.5.2-43.72.2.ia64",
            "2.1AS:python-docs-0:1.5.2-43.72.2.i386",
            "2.1AS:python-docs-0:1.5.2-43.72.2.ia64",
            "2.1AS:python-tools-0:1.5.2-43.72.2.i386",
            "2.1AS:python-tools-0:1.5.2-43.72.2.ia64",
            "2.1AS:tkinter-0:1.5.2-43.72.2.i386",
            "2.1AS:tkinter-0:1.5.2-43.72.2.ia64",
            "2.1AW:python-0:1.5.2-43.72.2.i386",
            "2.1AW:python-0:1.5.2-43.72.2.ia64",
            "2.1AW:python-0:1.5.2-43.72.2.src",
            "2.1AW:python-devel-0:1.5.2-43.72.2.i386",
            "2.1AW:python-devel-0:1.5.2-43.72.2.ia64",
            "2.1AW:python-docs-0:1.5.2-43.72.2.i386",
            "2.1AW:python-docs-0:1.5.2-43.72.2.ia64",
            "2.1AW:python-tools-0:1.5.2-43.72.2.i386",
            "2.1AW:python-tools-0:1.5.2-43.72.2.ia64",
            "2.1AW:tkinter-0:1.5.2-43.72.2.i386",
            "2.1AW:tkinter-0:1.5.2-43.72.2.ia64",
            "2.1ES:python-0:1.5.2-43.72.2.i386",
            "2.1ES:python-0:1.5.2-43.72.2.ia64",
            "2.1ES:python-0:1.5.2-43.72.2.src",
            "2.1ES:python-devel-0:1.5.2-43.72.2.i386",
            "2.1ES:python-devel-0:1.5.2-43.72.2.ia64",
            "2.1ES:python-docs-0:1.5.2-43.72.2.i386",
            "2.1ES:python-docs-0:1.5.2-43.72.2.ia64",
            "2.1ES:python-tools-0:1.5.2-43.72.2.i386",
            "2.1ES:python-tools-0:1.5.2-43.72.2.ia64",
            "2.1ES:tkinter-0:1.5.2-43.72.2.i386",
            "2.1ES:tkinter-0:1.5.2-43.72.2.ia64",
            "2.1WS:python-0:1.5.2-43.72.2.i386",
            "2.1WS:python-0:1.5.2-43.72.2.ia64",
            "2.1WS:python-0:1.5.2-43.72.2.src",
            "2.1WS:python-devel-0:1.5.2-43.72.2.i386",
            "2.1WS:python-devel-0:1.5.2-43.72.2.ia64",
            "2.1WS:python-docs-0:1.5.2-43.72.2.i386",
            "2.1WS:python-docs-0:1.5.2-43.72.2.ia64",
            "2.1WS:python-tools-0:1.5.2-43.72.2.i386",
            "2.1WS:python-tools-0:1.5.2-43.72.2.ia64",
            "2.1WS:tkinter-0:1.5.2-43.72.2.i386",
            "2.1WS:tkinter-0:1.5.2-43.72.2.ia64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2007:1077"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "python off-by-one locale.strxfrm() (possible memory disclosure)"
    }
  ]
}

cve-2006-7228

Vulnerability from cvelistv5

Published

2007-11-14 21:00

Modified

2024-08-07 20:57

Severity

Summary

Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an incorrect length calculation and trigger a buffer overflow, a different vulnerability than CVE-2006-7227. NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split.

References

URL	Tags
https://bugzilla.redhat.com/show_bug.cgi?id=383371	x_refsource_MISC
http://secunia.com/advisories/30219	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27776	third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200711-30.xml	vendor-advisory, x_refsource_GENTOO
http://lists.vmware.com/pipermail/security-announce/2008/000005.html	mailing-list, x_refsource_MLIST
http://secunia.com/advisories/28050	third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2008:030	vendor-advisory, x_refsource_MANDRIVA
http://www.redhat.com/support/errata/RHSA-2008-0546.html	vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2008/dsa-1570	vendor-advisory, x_refsource_DEBIAN
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html	vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/28658	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27773	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/28406	third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/490917/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/29032	third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-1065.html	vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/31124	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/29085	third-party-advisory, x_refsource_SECUNIA
http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm	x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2007-1077.html	vendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/archive/1/488457/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
http://www.securityfocus.com/bid/26462	vdb-entry, x_refsource_BID
http://secunia.com/advisories/29785	third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-1076.html	vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2007-1068.html	vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2008/0637	vdb-entry, x_refsource_VUPEN
http://security.gentoo.org/glsa/glsa-200805-11.xml	vendor-advisory, x_refsource_GENTOO
http://www.redhat.com/support/errata/RHSA-2007-1059.html	vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2008/1234/references	vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/28041	third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200802-10.xml	vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/28027	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27741	third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10810	vdb-entry, signature, x_refsource_OVAL
http://www.mandriva.com/security/advisories?name=MDVSA-2008:012	vendor-advisory, x_refsource_MANDRIVA
http://www.novell.com/linux/security/advisories/2007_62_pcre.html	vendor-advisory, x_refsource_SUSE
http://www.pcre.org/changelog.txt	x_refsource_CONFIRM
http://secunia.com/advisories/30155	third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-1063.html	vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/28720	third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200801-02.xml	vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/27582	third-party-advisory, x_refsource_SECUNIA
http://lists.vmware.com/pipermail/security-announce/2008/000014.html	mailing-list, x_refsource_MLIST
http://bugs.gentoo.org/show_bug.cgi?id=198976	x_refsource_MISC
http://scary.beasts.org/security/CESA-2007-006.html	x_refsource_MISC
http://security.gentoo.org/glsa/glsa-200801-19.xml	vendor-advisory, x_refsource_GENTOO
http://security.gentoo.org/glsa/glsa-200801-18.xml	vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/28414	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/30106	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/28714	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:40.778Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=383371"
          },
          {
            "name": "30219",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30219"
          },
          {
            "name": "27776",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27776"
          },
          {
            "name": "GLSA-200711-30",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200711-30.xml"
          },
          {
            "name": "[Security-announce] 20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000005.html"
          },
          {
            "name": "28050",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28050"
          },
          {
            "name": "MDVSA-2008:030",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:030"
          },
          {
            "name": "RHSA-2008:0546",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0546.html"
          },
          {
            "name": "DSA-1570",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1570"
          },
          {
            "name": "SUSE-SA:2008:004",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html"
          },
          {
            "name": "28658",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28658"
          },
          {
            "name": "27773",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27773"
          },
          {
            "name": "28406",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28406"
          },
          {
            "name": "20080416 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490917/100/0/threaded"
          },
          {
            "name": "29032",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29032"
          },
          {
            "name": "RHSA-2007:1065",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1065.html"
          },
          {
            "name": "31124",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31124"
          },
          {
            "name": "29085",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29085"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm"
          },
          {
            "name": "RHSA-2007:1077",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1077.html"
          },
          {
            "name": "20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/488457/100/0/threaded"
          },
          {
            "name": "26462",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26462"
          },
          {
            "name": "29785",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29785"
          },
          {
            "name": "RHSA-2007:1076",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1076.html"
          },
          {
            "name": "RHSA-2007:1068",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1068.html"
          },
          {
            "name": "ADV-2008-0637",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0637"
          },
          {
            "name": "GLSA-200805-11",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200805-11.xml"
          },
          {
            "name": "RHSA-2007:1059",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1059.html"
          },
          {
            "name": "ADV-2008-1234",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1234/references"
          },
          {
            "name": "28041",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28041"
          },
          {
            "name": "GLSA-200802-10",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200802-10.xml"
          },
          {
            "name": "28027",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28027"
          },
          {
            "name": "27741",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27741"
          },
          {
            "name": "oval:org.mitre.oval:def:10810",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10810"
          },
          {
            "name": "MDVSA-2008:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:012"
          },
          {
            "name": "SUSE-SA:2007:062",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_62_pcre.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.pcre.org/changelog.txt"
          },
          {
            "name": "30155",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30155"
          },
          {
            "name": "RHSA-2007:1063",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1063.html"
          },
          {
            "name": "28720",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28720"
          },
          {
            "name": "GLSA-200801-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200801-02.xml"
          },
          {
            "name": "27582",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27582"
          },
          {
            "name": "[Security-announce] 20080415 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000014.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=198976"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://scary.beasts.org/security/CESA-2007-006.html"
          },
          {
            "name": "GLSA-200801-19",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200801-19.xml"
          },
          {
            "name": "GLSA-200801-18",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200801-18.xml"
          },
          {
            "name": "28414",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28414"
          },
          {
            "name": "30106",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30106"
          },
          {
            "name": "28714",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28714"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-07-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an incorrect length calculation and trigger a buffer overflow, a different vulnerability than CVE-2006-7227.  NOTE: this issue was originally subsumed by CVE-2006-7224, but that CVE has been REJECTED and split."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=383371"
        },
        {
          "name": "30219",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30219"
        },
        {
          "name": "27776",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27776"
        },
        {
          "name": "GLSA-200711-30",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200711-30.xml"
        },
        {
          "name": "[Security-announce] 20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2008/000005.html"
        },
        {
          "name": "28050",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28050"
        },
        {
          "name": "MDVSA-2008:030",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:030"
        },
        {
          "name": "RHSA-2008:0546",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0546.html"
        },
        {
          "name": "DSA-1570",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1570"
        },
        {
          "name": "SUSE-SA:2008:004",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html"
        },
        {
          "name": "28658",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28658"
        },
        {
          "name": "27773",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27773"
        },
        {
          "name": "28406",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28406"
        },
        {
          "name": "20080416 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490917/100/0/threaded"
        },
        {
          "name": "29032",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29032"
        },
        {
          "name": "RHSA-2007:1065",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1065.html"
        },
        {
          "name": "31124",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31124"
        },
        {
          "name": "29085",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29085"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm"
        },
        {
          "name": "RHSA-2007:1077",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1077.html"
        },
        {
          "name": "20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/488457/100/0/threaded"
        },
        {
          "name": "26462",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26462"
        },
        {
          "name": "29785",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29785"
        },
        {
          "name": "RHSA-2007:1076",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1076.html"
        },
        {
          "name": "RHSA-2007:1068",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1068.html"
        },
        {
          "name": "ADV-2008-0637",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0637"
        },
        {
          "name": "GLSA-200805-11",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200805-11.xml"
        },
        {
          "name": "RHSA-2007:1059",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1059.html"
        },
        {
          "name": "ADV-2008-1234",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1234/references"
        },
        {
          "name": "28041",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28041"
        },
        {
          "name": "GLSA-200802-10",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200802-10.xml"
        },
        {
          "name": "28027",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28027"
        },
        {
          "name": "27741",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27741"
        },
        {
          "name": "oval:org.mitre.oval:def:10810",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10810"
        },
        {
          "name": "MDVSA-2008:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:012"
        },
        {
          "name": "SUSE-SA:2007:062",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_62_pcre.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.pcre.org/changelog.txt"
        },
        {
          "name": "30155",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30155"
        },
        {
          "name": "RHSA-2007:1063",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1063.html"
        },
        {
          "name": "28720",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28720"
        },
        {
          "name": "GLSA-200801-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200801-02.xml"
        },
        {
          "name": "27582",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27582"
        },
        {
          "name": "[Security-announce] 20080415 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2008/000014.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=198976"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://scary.beasts.org/security/CESA-2007-006.html"
        },
        {
          "name": "GLSA-200801-19",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200801-19.xml"
        },
        {
          "name": "GLSA-200801-18",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200801-18.xml"
        },
        {
          "name": "28414",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28414"
        },
        {
          "name": "30106",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30106"
        },
        {
          "name": "28714",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28714"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2006-7228",
    "datePublished": "2007-11-14T21:00:00",
    "dateReserved": "2007-11-14T00:00:00",
    "dateUpdated": "2024-08-07T20:57:40.778Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-2052

Vulnerability from cvelistv5

Published

2007-04-16 22:00

Modified

2024-08-07 13:23

Severity

Summary

Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.

References

URL	Tags
http://lists.vmware.com/pipermail/security-announce/2008/000005.html	mailing-list, x_refsource_MLIST
http://secunia.com/advisories/28050	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/25190	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/25217	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/37471	third-party-advisory, x_refsource_SECUNIA
http://www.python.org/download/releases/2.5.1/NEWS.txt	x_refsource_CONFIRM
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=416934	x_refsource_CONFIRM
http://www.debian.org/security/2008/dsa-1551	vendor-advisory, x_refsource_DEBIAN
http://www.vmware.com/security/advisories/VMSA-2009-0016.html	x_refsource_CONFIRM
http://secunia.com/advisories/29303	third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/1465	vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/29032	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/31492	third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8353	vdb-entry, signature, x_refsource_OVAL
http://www.securityfocus.com/archive/1/469294/30/6450/threaded	mailing-list, x_refsource_BUGTRAQ
http://www.redhat.com/support/errata/RHSA-2008-0629.html	vendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2007-1077.html	vendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/archive/1/488457/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
http://www.redhat.com/support/errata/RHSA-2007-1076.html	vendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/archive/1/507985/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
http://www.vupen.com/english/advisories/2008/0637	vdb-entry, x_refsource_VUPEN
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235093	x_refsource_CONFIRM
http://secunia.com/advisories/25353	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/25233	third-party-advisory, x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1358	x_refsource_CONFIRM
http://www.ubuntu.com/usn/usn-585-1	vendor-advisory, x_refsource_UBUNTU
http://www.trustix.org/errata/2007/0019/	vendor-advisory, x_refsource_TRUSTIX
http://secunia.com/advisories/28027	third-party-advisory, x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2007_13_sr.html	vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/31255	third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2008/dsa-1620	vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/25787	third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/23887	vdb-entry, x_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/34060	vdb-entry, x_refsource_XF
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11716	vdb-entry, signature, x_refsource_OVAL
http://www.vupen.com/english/advisories/2009/3316	vdb-entry, x_refsource_VUPEN
http://www.mandriva.com/security/advisories?name=MDKSA-2007:099	vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/29889	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:23:50.498Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[Security-announce] 20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000005.html"
          },
          {
            "name": "28050",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28050"
          },
          {
            "name": "25190",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25190"
          },
          {
            "name": "25217",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25217"
          },
          {
            "name": "37471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37471"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.python.org/download/releases/2.5.1/NEWS.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=416934"
          },
          {
            "name": "DSA-1551",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1551"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
          },
          {
            "name": "29303",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29303"
          },
          {
            "name": "ADV-2007-1465",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1465"
          },
          {
            "name": "29032",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29032"
          },
          {
            "name": "31492",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31492"
          },
          {
            "name": "oval:org.mitre.oval:def:8353",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8353"
          },
          {
            "name": "20070521 FLEA-2007-0019-1: python",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/469294/30/6450/threaded"
          },
          {
            "name": "RHSA-2008:0629",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0629.html"
          },
          {
            "name": "RHSA-2007:1077",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1077.html"
          },
          {
            "name": "20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/488457/100/0/threaded"
          },
          {
            "name": "RHSA-2007:1076",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1076.html"
          },
          {
            "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
          },
          {
            "name": "ADV-2008-0637",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0637"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235093"
          },
          {
            "name": "25353",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25353"
          },
          {
            "name": "25233",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25233"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1358"
          },
          {
            "name": "USN-585-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-585-1"
          },
          {
            "name": "2007-0019",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2007/0019/"
          },
          {
            "name": "28027",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28027"
          },
          {
            "name": "SUSE-SR:2007:013",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_13_sr.html"
          },
          {
            "name": "31255",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31255"
          },
          {
            "name": "DSA-1620",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1620"
          },
          {
            "name": "25787",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25787"
          },
          {
            "name": "23887",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23887"
          },
          {
            "name": "python-localemodule-information-disclosure(34060)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34060"
          },
          {
            "name": "oval:org.mitre.oval:def:11716",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11716"
          },
          {
            "name": "ADV-2009-3316",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3316"
          },
          {
            "name": "MDKSA-2007:099",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:099"
          },
          {
            "name": "29889",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29889"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-03-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[Security-announce] 20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2008/000005.html"
        },
        {
          "name": "28050",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28050"
        },
        {
          "name": "25190",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25190"
        },
        {
          "name": "25217",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25217"
        },
        {
          "name": "37471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37471"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.python.org/download/releases/2.5.1/NEWS.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=416934"
        },
        {
          "name": "DSA-1551",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1551"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
        },
        {
          "name": "29303",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29303"
        },
        {
          "name": "ADV-2007-1465",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1465"
        },
        {
          "name": "29032",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29032"
        },
        {
          "name": "31492",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31492"
        },
        {
          "name": "oval:org.mitre.oval:def:8353",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8353"
        },
        {
          "name": "20070521 FLEA-2007-0019-1: python",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/469294/30/6450/threaded"
        },
        {
          "name": "RHSA-2008:0629",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0629.html"
        },
        {
          "name": "RHSA-2007:1077",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1077.html"
        },
        {
          "name": "20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/488457/100/0/threaded"
        },
        {
          "name": "RHSA-2007:1076",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1076.html"
        },
        {
          "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
        },
        {
          "name": "ADV-2008-0637",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0637"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235093"
        },
        {
          "name": "25353",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25353"
        },
        {
          "name": "25233",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25233"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1358"
        },
        {
          "name": "USN-585-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-585-1"
        },
        {
          "name": "2007-0019",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2007/0019/"
        },
        {
          "name": "28027",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28027"
        },
        {
          "name": "SUSE-SR:2007:013",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_13_sr.html"
        },
        {
          "name": "31255",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31255"
        },
        {
          "name": "DSA-1620",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1620"
        },
        {
          "name": "25787",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25787"
        },
        {
          "name": "23887",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23887"
        },
        {
          "name": "python-localemodule-information-disclosure(34060)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34060"
        },
        {
          "name": "oval:org.mitre.oval:def:11716",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11716"
        },
        {
          "name": "ADV-2009-3316",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3316"
        },
        {
          "name": "MDKSA-2007:099",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:099"
        },
        {
          "name": "29889",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29889"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2052",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[Security-announce] 20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates",
              "refsource": "MLIST",
              "url": "http://lists.vmware.com/pipermail/security-announce/2008/000005.html"
            },
            {
              "name": "28050",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28050"
            },
            {
              "name": "25190",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25190"
            },
            {
              "name": "25217",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25217"
            },
            {
              "name": "37471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37471"
            },
            {
              "name": "http://www.python.org/download/releases/2.5.1/NEWS.txt",
              "refsource": "CONFIRM",
              "url": "http://www.python.org/download/releases/2.5.1/NEWS.txt"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=416934",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=416934"
            },
            {
              "name": "DSA-1551",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1551"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
            },
            {
              "name": "29303",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29303"
            },
            {
              "name": "ADV-2007-1465",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1465"
            },
            {
              "name": "29032",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29032"
            },
            {
              "name": "31492",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31492"
            },
            {
              "name": "oval:org.mitre.oval:def:8353",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8353"
            },
            {
              "name": "20070521 FLEA-2007-0019-1: python",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/469294/30/6450/threaded"
            },
            {
              "name": "RHSA-2008:0629",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0629.html"
            },
            {
              "name": "RHSA-2007:1077",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1077.html"
            },
            {
              "name": "20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/488457/100/0/threaded"
            },
            {
              "name": "RHSA-2007:1076",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1076.html"
            },
            {
              "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
            },
            {
              "name": "ADV-2008-0637",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0637"
            },
            {
              "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235093",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235093"
            },
            {
              "name": "25353",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25353"
            },
            {
              "name": "25233",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25233"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1358",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1358"
            },
            {
              "name": "USN-585-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-585-1"
            },
            {
              "name": "2007-0019",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2007/0019/"
            },
            {
              "name": "28027",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28027"
            },
            {
              "name": "SUSE-SR:2007:013",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_13_sr.html"
            },
            {
              "name": "31255",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31255"
            },
            {
              "name": "DSA-1620",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1620"
            },
            {
              "name": "25787",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25787"
            },
            {
              "name": "23887",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23887"
            },
            {
              "name": "python-localemodule-information-disclosure(34060)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34060"
            },
            {
              "name": "oval:org.mitre.oval:def:11716",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11716"
            },
            {
              "name": "ADV-2009-3316",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/3316"
            },
            {
              "name": "MDKSA-2007:099",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:099"
            },
            {
              "name": "29889",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29889"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2052",
    "datePublished": "2007-04-16T22:00:00",
    "dateReserved": "2007-04-16T00:00:00",
    "dateUpdated": "2024-08-07T13:23:50.498Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Action not permitted

rhsa-2007_1077

Vulnerability from csaf_redhat

cve-2006-7228

Vulnerability from cvelistv5

cve-2007-2052

Vulnerability from cvelistv5

Tags