Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9) cjkcodecs/multibytecodec.c, (10) datetimemodule.c, (11) md5.c, (12) rgbimgmodule.c, and (13) stropmodule.c in Modules/; (14) bufferobject.c, (15) listobject.c, and (16) obmalloc.c in Objects/; (17) Parser/node.c; and (18) asdl.c, (19) ast.c, (20) bltinmodule.c, and (21) compile.c in Python/, as addressed by "checks for integer overflows, contributed by Google."
Vector
NETWORK
Complexity
LOW
Authentication
NONE
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL
Python software foundation Python 2.5.1 (not an official CPE)
Python software foundation Python 2.4.5 (not an official CPE)
Python software foundation Python 2.3.7 (not an official CPE)
Python software foundation Python 2.2.3 (not an official CPE)
Python software foundation Python 2.1.3 (not an official CPE)
Python software foundation Python 2.0.1 (not an official CPE)
Python software foundation Python 1.6.1 (not an official CPE)
Python software foundation Python 1.5.2 (not an official CPE)