CVE-2010-2089

描述

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.

受影響套件(1)

• Debian/python2.7from 0, < 2.7-1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-2089