CVE-2006-4980

Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts.
References
Link Resource
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc Patch Third Party Advisory
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=391589 Third Party Advisory
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=208162 Issue Tracking
http://kb.vmware.com/KanisaPlatform/Publishing/882/5120103_f.SAL_Public.html Third Party Advisory
http://secunia.com/advisories/22276 Broken Link Patch Vendor Advisory
http://secunia.com/advisories/22297 Broken Link
http://secunia.com/advisories/22303 Broken Link Patch Vendor Advisory
http://secunia.com/advisories/22357 Broken Link
http://secunia.com/advisories/22358 Broken Link
http://secunia.com/advisories/22379 Broken Link
http://secunia.com/advisories/22448 Broken Link
http://secunia.com/advisories/22487 Broken Link
http://secunia.com/advisories/22512 Broken Link
http://secunia.com/advisories/22531 Broken Link
http://secunia.com/advisories/22639 Broken Link
http://secunia.com/advisories/23680 Broken Link
http://secunia.com/advisories/31492 Broken Link
http://security.gentoo.org/glsa/glsa-200610-07.xml Third Party Advisory
http://securitytracker.com/id?1017019 Third Party Advisory VDB Entry
http://sourceforge.net/tracker/index.php?func=detail&aid=1541585&group_id=5470&atid=305470 Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2006-229.htm Third Party Advisory
http://www.debian.org/security/2006/dsa-1197 Third Party Advisory
http://www.debian.org/security/2006/dsa-1198 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:181 Broken Link Third Party Advisory
http://www.novell.com/linux/security/advisories/2006_25_sr.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0713.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0629.html Third Party Advisory
http://www.securityfocus.com/archive/1/448244/100/100/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/456546/100/200/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/20376 Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-359-1 Third Party Advisory
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Third Party Advisory
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Third Party Advisory
http://www.vupen.com/english/advisories/2006/3940 Broken Link
http://www.vupen.com/english/advisories/2006/5131 Broken Link
http://zoehep.xent.com/~bsittler/python2.4-2.4.3_unicodeobject.c.diff Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/29408 Broken Link VDB Entry
https://issues.rpath.com/browse/RPL-702 Third Party Advisory
https://launchpad.net/distros/ubuntu/+source/python2.4/+bug/56633 Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10789 Broken Link
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc Patch Third Party Advisory
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=391589 Third Party Advisory
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=208162 Issue Tracking
http://kb.vmware.com/KanisaPlatform/Publishing/882/5120103_f.SAL_Public.html Third Party Advisory
http://secunia.com/advisories/22276 Broken Link Patch Vendor Advisory
http://secunia.com/advisories/22297 Broken Link
http://secunia.com/advisories/22303 Broken Link Patch Vendor Advisory
http://secunia.com/advisories/22357 Broken Link
http://secunia.com/advisories/22358 Broken Link
http://secunia.com/advisories/22379 Broken Link
http://secunia.com/advisories/22448 Broken Link
http://secunia.com/advisories/22487 Broken Link
http://secunia.com/advisories/22512 Broken Link
http://secunia.com/advisories/22531 Broken Link
http://secunia.com/advisories/22639 Broken Link
http://secunia.com/advisories/23680 Broken Link
http://secunia.com/advisories/31492 Broken Link
http://security.gentoo.org/glsa/glsa-200610-07.xml Third Party Advisory
http://securitytracker.com/id?1017019 Third Party Advisory VDB Entry
http://sourceforge.net/tracker/index.php?func=detail&aid=1541585&group_id=5470&atid=305470 Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2006-229.htm Third Party Advisory
http://www.debian.org/security/2006/dsa-1197 Third Party Advisory
http://www.debian.org/security/2006/dsa-1198 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:181 Broken Link Third Party Advisory
http://www.novell.com/linux/security/advisories/2006_25_sr.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0713.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0629.html Third Party Advisory
http://www.securityfocus.com/archive/1/448244/100/100/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/456546/100/200/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/20376 Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-359-1 Third Party Advisory
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Third Party Advisory
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Third Party Advisory
http://www.vupen.com/english/advisories/2006/3940 Broken Link
http://www.vupen.com/english/advisories/2006/5131 Broken Link
http://zoehep.xent.com/~bsittler/python2.4-2.4.3_unicodeobject.c.diff Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/29408 Broken Link VDB Entry
https://issues.rpath.com/browse/RPL-702 Third Party Advisory
https://launchpad.net/distros/ubuntu/+source/python2.4/+bug/56633 Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10789 Broken Link
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
cpe:2.3:a:python:python:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:17

Type Values Removed Values Added
References () ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc - Patch, Third Party Advisory () ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc - Patch, Third Party Advisory
References () http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=391589 - Third Party Advisory () http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=391589 - Third Party Advisory
References () http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=208162 - Issue Tracking () http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=208162 - Issue Tracking
References () http://kb.vmware.com/KanisaPlatform/Publishing/882/5120103_f.SAL_Public.html - Third Party Advisory () http://kb.vmware.com/KanisaPlatform/Publishing/882/5120103_f.SAL_Public.html - Third Party Advisory
References () http://secunia.com/advisories/22276 - Broken Link, Patch, Vendor Advisory () http://secunia.com/advisories/22276 - Broken Link, Patch, Vendor Advisory
References () http://secunia.com/advisories/22297 - Broken Link () http://secunia.com/advisories/22297 - Broken Link
References () http://secunia.com/advisories/22303 - Broken Link, Patch, Vendor Advisory () http://secunia.com/advisories/22303 - Broken Link, Patch, Vendor Advisory
References () http://secunia.com/advisories/22357 - Broken Link () http://secunia.com/advisories/22357 - Broken Link
References () http://secunia.com/advisories/22358 - Broken Link () http://secunia.com/advisories/22358 - Broken Link
References () http://secunia.com/advisories/22379 - Broken Link () http://secunia.com/advisories/22379 - Broken Link
References () http://secunia.com/advisories/22448 - Broken Link () http://secunia.com/advisories/22448 - Broken Link
References () http://secunia.com/advisories/22487 - Broken Link () http://secunia.com/advisories/22487 - Broken Link
References () http://secunia.com/advisories/22512 - Broken Link () http://secunia.com/advisories/22512 - Broken Link
References () http://secunia.com/advisories/22531 - Broken Link () http://secunia.com/advisories/22531 - Broken Link
References () http://secunia.com/advisories/22639 - Broken Link () http://secunia.com/advisories/22639 - Broken Link
References () http://secunia.com/advisories/23680 - Broken Link () http://secunia.com/advisories/23680 - Broken Link
References () http://secunia.com/advisories/31492 - Broken Link () http://secunia.com/advisories/31492 - Broken Link
References () http://security.gentoo.org/glsa/glsa-200610-07.xml - Third Party Advisory () http://security.gentoo.org/glsa/glsa-200610-07.xml - Third Party Advisory
References () http://securitytracker.com/id?1017019 - Third Party Advisory, VDB Entry () http://securitytracker.com/id?1017019 - Third Party Advisory, VDB Entry
References () http://sourceforge.net/tracker/index.php?func=detail&aid=1541585&group_id=5470&atid=305470 - Third Party Advisory () http://sourceforge.net/tracker/index.php?func=detail&aid=1541585&group_id=5470&atid=305470 - Third Party Advisory
References () http://support.avaya.com/elmodocs2/security/ASA-2006-229.htm - Third Party Advisory () http://support.avaya.com/elmodocs2/security/ASA-2006-229.htm - Third Party Advisory
References () http://www.debian.org/security/2006/dsa-1197 - Third Party Advisory () http://www.debian.org/security/2006/dsa-1197 - Third Party Advisory
References () http://www.debian.org/security/2006/dsa-1198 - Third Party Advisory () http://www.debian.org/security/2006/dsa-1198 - Third Party Advisory
References () http://www.mandriva.com/security/advisories?name=MDKSA-2006:181 - Broken Link, Third Party Advisory () http://www.mandriva.com/security/advisories?name=MDKSA-2006:181 - Broken Link, Third Party Advisory
References () http://www.novell.com/linux/security/advisories/2006_25_sr.html - Third Party Advisory () http://www.novell.com/linux/security/advisories/2006_25_sr.html - Third Party Advisory
References () http://www.redhat.com/support/errata/RHSA-2006-0713.html - Third Party Advisory () http://www.redhat.com/support/errata/RHSA-2006-0713.html - Third Party Advisory
References () http://www.redhat.com/support/errata/RHSA-2008-0629.html - Third Party Advisory () http://www.redhat.com/support/errata/RHSA-2008-0629.html - Third Party Advisory
References () http://www.securityfocus.com/archive/1/448244/100/100/threaded - Third Party Advisory, VDB Entry () http://www.securityfocus.com/archive/1/448244/100/100/threaded - Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/archive/1/456546/100/200/threaded - Third Party Advisory, VDB Entry () http://www.securityfocus.com/archive/1/456546/100/200/threaded - Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/bid/20376 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/20376 - Third Party Advisory, VDB Entry
References () http://www.ubuntu.com/usn/usn-359-1 - Third Party Advisory () http://www.ubuntu.com/usn/usn-359-1 - Third Party Advisory
References () http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html - Third Party Advisory () http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html - Third Party Advisory
References () http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html - Third Party Advisory () http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html - Third Party Advisory
References () http://www.vupen.com/english/advisories/2006/3940 - Broken Link () http://www.vupen.com/english/advisories/2006/3940 - Broken Link
References () http://www.vupen.com/english/advisories/2006/5131 - Broken Link () http://www.vupen.com/english/advisories/2006/5131 - Broken Link
References () http://zoehep.xent.com/~bsittler/python2.4-2.4.3_unicodeobject.c.diff - Third Party Advisory () http://zoehep.xent.com/~bsittler/python2.4-2.4.3_unicodeobject.c.diff - Third Party Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/29408 - Broken Link, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/29408 - Broken Link, VDB Entry
References () https://issues.rpath.com/browse/RPL-702 - Third Party Advisory () https://issues.rpath.com/browse/RPL-702 - Third Party Advisory
References () https://launchpad.net/distros/ubuntu/+source/python2.4/+bug/56633 - Third Party Advisory () https://launchpad.net/distros/ubuntu/+source/python2.4/+bug/56633 - Third Party Advisory
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10789 - Broken Link () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10789 - Broken Link

02 Aug 2023, 18:04

Type Values Removed Values Added
First Time Python
Python python
CPE cpe:2.3:a:python_software_foundation:python:2.5_beta_2:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:2.4:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:2.5_final:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:2.5_alpha_1:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:2.5_release_candidate_2:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:2.5_beta_3:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:2.5_beta_1:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:2.5_release_candidate_1:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:2.5_alpha_2:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:2.3:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
References (CONFIRM) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=391589 - (CONFIRM) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=391589 - Third Party Advisory
References (CONFIRM) http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=208162 - (CONFIRM) http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=208162 - Issue Tracking
References (SECUNIA) http://secunia.com/advisories/22358 - (SECUNIA) http://secunia.com/advisories/22358 - Broken Link
References (CONFIRM) http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html - (CONFIRM) http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html - Third Party Advisory
References (SECUNIA) http://secunia.com/advisories/22531 - (SECUNIA) http://secunia.com/advisories/22531 - Broken Link
References (BUGTRAQ) http://www.securityfocus.com/archive/1/456546/100/200/threaded - (BUGTRAQ) http://www.securityfocus.com/archive/1/456546/100/200/threaded - Third Party Advisory, VDB Entry
References (SECUNIA) http://secunia.com/advisories/22357 - (SECUNIA) http://secunia.com/advisories/22357 - Broken Link
References (VUPEN) http://www.vupen.com/english/advisories/2006/3940 - (VUPEN) http://www.vupen.com/english/advisories/2006/3940 - Broken Link
References (REDHAT) http://www.redhat.com/support/errata/RHSA-2006-0713.html - (REDHAT) http://www.redhat.com/support/errata/RHSA-2006-0713.html - Third Party Advisory
References (CONFIRM) http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html - (CONFIRM) http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html - Third Party Advisory
References (SECUNIA) http://secunia.com/advisories/22276 - Patch, Vendor Advisory (SECUNIA) http://secunia.com/advisories/22276 - Broken Link, Patch, Vendor Advisory
References (SECUNIA) http://secunia.com/advisories/31492 - (SECUNIA) http://secunia.com/advisories/31492 - Broken Link
References (CONFIRM) http://zoehep.xent.com/~bsittler/python2.4-2.4.3_unicodeobject.c.diff - (CONFIRM) http://zoehep.xent.com/~bsittler/python2.4-2.4.3_unicodeobject.c.diff - Third Party Advisory
References (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDKSA-2006:181 - (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDKSA-2006:181 - Broken Link, Third Party Advisory
References (SECUNIA) http://secunia.com/advisories/22639 - (SECUNIA) http://secunia.com/advisories/22639 - Broken Link
References (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10789 - (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10789 - Broken Link
References (VUPEN) http://www.vupen.com/english/advisories/2006/5131 - (VUPEN) http://www.vupen.com/english/advisories/2006/5131 - Broken Link
References (UBUNTU) http://www.ubuntu.com/usn/usn-359-1 - (UBUNTU) http://www.ubuntu.com/usn/usn-359-1 - Third Party Advisory
References (BID) http://www.securityfocus.com/bid/20376 - (BID) http://www.securityfocus.com/bid/20376 - Third Party Advisory, VDB Entry
References (REDHAT) http://www.redhat.com/support/errata/RHSA-2008-0629.html - (REDHAT) http://www.redhat.com/support/errata/RHSA-2008-0629.html - Third Party Advisory
References (SECUNIA) http://secunia.com/advisories/22448 - (SECUNIA) http://secunia.com/advisories/22448 - Broken Link
References (SECUNIA) http://secunia.com/advisories/23680 - (SECUNIA) http://secunia.com/advisories/23680 - Broken Link
References (SECTRACK) http://securitytracker.com/id?1017019 - (SECTRACK) http://securitytracker.com/id?1017019 - Third Party Advisory, VDB Entry
References (CONFIRM) http://kb.vmware.com/KanisaPlatform/Publishing/882/5120103_f.SAL_Public.html - (CONFIRM) http://kb.vmware.com/KanisaPlatform/Publishing/882/5120103_f.SAL_Public.html - Third Party Advisory
References (SECUNIA) http://secunia.com/advisories/22303 - Patch, Vendor Advisory (SECUNIA) http://secunia.com/advisories/22303 - Broken Link, Patch, Vendor Advisory
References (DEBIAN) http://www.debian.org/security/2006/dsa-1197 - (DEBIAN) http://www.debian.org/security/2006/dsa-1197 - Third Party Advisory
References (CONFIRM) http://support.avaya.com/elmodocs2/security/ASA-2006-229.htm - (CONFIRM) http://support.avaya.com/elmodocs2/security/ASA-2006-229.htm - Third Party Advisory
References (SGI) ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc - (SGI) ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc - Patch, Third Party Advisory
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/29408 - (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/29408 - Broken Link, VDB Entry
References (SECUNIA) http://secunia.com/advisories/22487 - (SECUNIA) http://secunia.com/advisories/22487 - Broken Link
References (SECUNIA) http://secunia.com/advisories/22297 - (SECUNIA) http://secunia.com/advisories/22297 - Broken Link
References (CONFIRM) https://launchpad.net/distros/ubuntu/+source/python2.4/+bug/56633 - (CONFIRM) https://launchpad.net/distros/ubuntu/+source/python2.4/+bug/56633 - Third Party Advisory
References (SECUNIA) http://secunia.com/advisories/22512 - (SECUNIA) http://secunia.com/advisories/22512 - Broken Link
References (CONFIRM) http://sourceforge.net/tracker/index.php?func=detail&aid=1541585&group_id=5470&atid=305470 - (CONFIRM) http://sourceforge.net/tracker/index.php?func=detail&aid=1541585&group_id=5470&atid=305470 - Third Party Advisory
References (CONFIRM) https://issues.rpath.com/browse/RPL-702 - (CONFIRM) https://issues.rpath.com/browse/RPL-702 - Third Party Advisory
References (SUSE) http://www.novell.com/linux/security/advisories/2006_25_sr.html - (SUSE) http://www.novell.com/linux/security/advisories/2006_25_sr.html - Third Party Advisory
References (SECUNIA) http://secunia.com/advisories/22379 - (SECUNIA) http://secunia.com/advisories/22379 - Broken Link
References (DEBIAN) http://www.debian.org/security/2006/dsa-1198 - (DEBIAN) http://www.debian.org/security/2006/dsa-1198 - Third Party Advisory
References (BUGTRAQ) http://www.securityfocus.com/archive/1/448244/100/100/threaded - (BUGTRAQ) http://www.securityfocus.com/archive/1/448244/100/100/threaded - Third Party Advisory, VDB Entry
References (GENTOO) http://security.gentoo.org/glsa/glsa-200610-07.xml - (GENTOO) http://security.gentoo.org/glsa/glsa-200610-07.xml - Third Party Advisory

Information

Published : 2006-10-10 04:06

Updated : 2024-11-21 00:17


NVD link : CVE-2006-4980

Mitre link : CVE-2006-4980

CVE.ORG link : CVE-2006-4980


JSON object : View

Products Affected

python

  • python