Red Hat Customer Portal

Skip to main content

CVE-2010-2089

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.

Details Source

Mitre

Public Date

2010-01-11 00:00:00

Impact

Low

Bugzilla

CVE-2010-2089 Python: Memory corruption in audioop module

Bugzilla ID

598 197

CVSS Status

verified

Base Score

4.30

Base Metrics

AV:N/AC:M/Au:N/C:N/I:N/A:P

IAVA

2012-A-0020

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 (python) RHSA-2011:0491 2011-05-05
Red Hat Enterprise Linux 5 (python) RHSA-2011:0027 2011-01-13

Affected Packages State

Platform Package State
Red Hat Enterprise Linux Server EUS (v. 6.0) python Affected