Vulnerability Description
Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Python | Python | < 2.3.6 |
References
- ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc (Patch, Third Party Advisory)
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=391589 (Third Party Advisory)
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=208162 (Issue Tracking)
- http://kb.vmware.com/KanisaPlatform/Publishing/882/5120103_f.SAL_Public.html (Third Party Advisory)
- http://secunia.com/advisories/22276 (Broken Link, Patch, Vendor Advisory)
- http://secunia.com/advisories/22297 (Broken Link)
- http://secunia.com/advisories/22303 (Broken Link, Patch, Vendor Advisory)
- http://secunia.com/advisories/22357 (Broken Link)
- http://secunia.com/advisories/22358 (Broken Link)
- http://secunia.com/advisories/22379 (Broken Link)
- http://secunia.com/advisories/22448 (Broken Link)
- http://secunia.com/advisories/22487 (Broken Link)
- http://secunia.com/advisories/22512 (Broken Link)
- http://secunia.com/advisories/22531 (Broken Link)
- http://secunia.com/advisories/22639 (Broken Link)
FAQ
What is CVE-2006-4980?
CVE-2006-4980 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide char...
How severe is CVE-2006-4980?
CVE-2006-4980 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2006-4980?
Check the references section above for vendor advisories and patch information. Affected products include: Python Python.