Vulnerability-Lookup

CVE-2010-2089 (GCVE-0-2010-2089)

Vulnerability from cvelistv5 – Published: 2010-05-27 19:00 – Updated: 2024-08-07 02:17

Summary

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=598197	x_refsource_CONFIRM
	http://secunia.com/advisories/43068	third-party-advisoryx_refsource_SECUNIA
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/51087	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2011/0212	vdb-entryx_refsource_VUPEN
	http://www.ubuntu.com/usn/USN-1616-1	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/51040	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/1448	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/50858	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/40863	vdb-entryx_refsource_BID
	http://bugs.python.org/issue7673	x_refsource_CONFIRM
	http://lists.apple.com/archives/Security-announce…	vendor-advisoryx_refsource_APPLE
	http://www.vupen.com/english/advisories/2011/0122	vdb-entryx_refsource_VUPEN
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/42888	third-party-advisoryx_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-1596-1	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/40194	third-party-advisoryx_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2011-00…	vendor-advisoryx_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-1613-2	vendor-advisoryx_refsource_UBUNTU
	http://support.apple.com/kb/HT5002	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/51024	third-party-advisoryx_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-1613-1	vendor-advisoryx_refsource_UBUNTU

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T02:17:14.558Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=598197"
          },
          {
            "name": "43068",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "name": "FEDORA-2010-9652",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html"
          },
          {
            "name": "51087",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51087"
          },
          {
            "name": "ADV-2011-0212",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "name": "USN-1616-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1616-1"
          },
          {
            "name": "51040",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51040"
          },
          {
            "name": "ADV-2010-1448",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1448"
          },
          {
            "name": "50858",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50858"
          },
          {
            "name": "40863",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/40863"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.python.org/issue7673"
          },
          {
            "name": "APPLE-SA-2011-10-12-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
          },
          {
            "name": "ADV-2011-0122",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0122"
          },
          {
            "name": "SUSE-SR:2011:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "name": "42888",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42888"
          },
          {
            "name": "USN-1596-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1596-1"
          },
          {
            "name": "40194",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40194"
          },
          {
            "name": "RHSA-2011:0027",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0027.html"
          },
          {
            "name": "USN-1613-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1613-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5002"
          },
          {
            "name": "SUSE-SR:2010:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
          },
          {
            "name": "51024",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51024"
          },
          {
            "name": "USN-1613-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1613-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-06-17T09:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=598197"
        },
        {
          "name": "43068",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43068"
        },
        {
          "name": "FEDORA-2010-9652",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html"
        },
        {
          "name": "51087",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51087"
        },
        {
          "name": "ADV-2011-0212",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0212"
        },
        {
          "name": "USN-1616-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1616-1"
        },
        {
          "name": "51040",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51040"
        },
        {
          "name": "ADV-2010-1448",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1448"
        },
        {
          "name": "50858",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/50858"
        },
        {
          "name": "40863",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/40863"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.python.org/issue7673"
        },
        {
          "name": "APPLE-SA-2011-10-12-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
        },
        {
          "name": "ADV-2011-0122",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0122"
        },
        {
          "name": "SUSE-SR:2011:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
        },
        {
          "name": "42888",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42888"
        },
        {
          "name": "USN-1596-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1596-1"
        },
        {
          "name": "40194",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40194"
        },
        {
          "name": "RHSA-2011:0027",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0027.html"
        },
        {
          "name": "USN-1613-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1613-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5002"
        },
        {
          "name": "SUSE-SR:2010:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
        },
        {
          "name": "51024",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51024"
        },
        {
          "name": "USN-1613-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1613-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-2089",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=598197",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=598197"
            },
            {
              "name": "43068",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43068"
            },
            {
              "name": "FEDORA-2010-9652",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html"
            },
            {
              "name": "51087",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51087"
            },
            {
              "name": "ADV-2011-0212",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0212"
            },
            {
              "name": "USN-1616-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1616-1"
            },
            {
              "name": "51040",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51040"
            },
            {
              "name": "ADV-2010-1448",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1448"
            },
            {
              "name": "50858",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/50858"
            },
            {
              "name": "40863",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/40863"
            },
            {
              "name": "http://bugs.python.org/issue7673",
              "refsource": "CONFIRM",
              "url": "http://bugs.python.org/issue7673"
            },
            {
              "name": "APPLE-SA-2011-10-12-3",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
            },
            {
              "name": "ADV-2011-0122",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0122"
            },
            {
              "name": "SUSE-SR:2011:002",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
            },
            {
              "name": "42888",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42888"
            },
            {
              "name": "USN-1596-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1596-1"
            },
            {
              "name": "40194",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/40194"
            },
            {
              "name": "RHSA-2011:0027",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0027.html"
            },
            {
              "name": "USN-1613-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1613-2"
            },
            {
              "name": "http://support.apple.com/kb/HT5002",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5002"
            },
            {
              "name": "SUSE-SR:2010:024",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
            },
            {
              "name": "51024",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51024"
            },
            {
              "name": "USN-1613-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1613-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-2089",
    "datePublished": "2010-05-27T19:00:00.000Z",
    "dateReserved": "2010-05-27T00:00:00.000Z",
    "dateUpdated": "2024-08-07T02:17:14.558Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GSD-2010-2089

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2010-2089

Aliases

CVE-2010-2089

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-2089",
    "description": "The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.",
    "id": "GSD-2010-2089",
    "references": [
      "https://www.suse.com/security/cve/CVE-2010-2089.html",
      "https://access.redhat.com/errata/RHSA-2011:0491",
      "https://access.redhat.com/errata/RHSA-2011:0027",
      "https://linux.oracle.com/cve/CVE-2010-2089.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-2089"
      ],
      "details": "The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.",
      "id": "GSD-2010-2089",
      "modified": "2023-12-13T01:21:31.850121Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2010-2089",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=598197",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=598197"
          },
          {
            "name": "43068",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "name": "FEDORA-2010-9652",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html"
          },
          {
            "name": "51087",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/51087"
          },
          {
            "name": "ADV-2011-0212",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "name": "USN-1616-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1616-1"
          },
          {
            "name": "51040",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/51040"
          },
          {
            "name": "ADV-2010-1448",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2010/1448"
          },
          {
            "name": "50858",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/50858"
          },
          {
            "name": "40863",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/40863"
          },
          {
            "name": "http://bugs.python.org/issue7673",
            "refsource": "CONFIRM",
            "url": "http://bugs.python.org/issue7673"
          },
          {
            "name": "APPLE-SA-2011-10-12-3",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
          },
          {
            "name": "ADV-2011-0122",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0122"
          },
          {
            "name": "SUSE-SR:2011:002",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "name": "42888",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/42888"
          },
          {
            "name": "USN-1596-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1596-1"
          },
          {
            "name": "40194",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/40194"
          },
          {
            "name": "RHSA-2011:0027",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0027.html"
          },
          {
            "name": "USN-1613-2",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1613-2"
          },
          {
            "name": "http://support.apple.com/kb/HT5002",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT5002"
          },
          {
            "name": "SUSE-SR:2010:024",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
          },
          {
            "name": "51024",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/51024"
          },
          {
            "name": "USN-1613-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1613-1"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.1.3",
                "versionStartIncluding": "3.1.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.6.6",
                "versionStartIncluding": "2.6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.5.6",
                "versionStartIncluding": "2.5.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-2089"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://bugs.python.org/issue7673",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://bugs.python.org/issue7673"
            },
            {
              "name": "FEDORA-2010-9652",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html"
            },
            {
              "name": "40863",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/40863"
            },
            {
              "name": "40194",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/40194"
            },
            {
              "name": "ADV-2010-1448",
              "refsource": "VUPEN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1448"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=598197",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Third Party Advisory"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=598197"
            },
            {
              "name": "ADV-2011-0122",
              "refsource": "VUPEN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0122"
            },
            {
              "name": "RHSA-2011:0027",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0027.html"
            },
            {
              "name": "42888",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/42888"
            },
            {
              "name": "SUSE-SR:2010:024",
              "refsource": "SUSE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
            },
            {
              "name": "43068",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/43068"
            },
            {
              "name": "SUSE-SR:2011:002",
              "refsource": "SUSE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
            },
            {
              "name": "ADV-2011-0212",
              "refsource": "VUPEN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0212"
            },
            {
              "name": "http://support.apple.com/kb/HT5002",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://support.apple.com/kb/HT5002"
            },
            {
              "name": "APPLE-SA-2011-10-12-3",
              "refsource": "APPLE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
            },
            {
              "name": "USN-1596-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1596-1"
            },
            {
              "name": "USN-1613-2",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1613-2"
            },
            {
              "name": "USN-1613-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1613-1"
            },
            {
              "name": "51040",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/51040"
            },
            {
              "name": "50858",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/50858"
            },
            {
              "name": "USN-1616-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1616-1"
            },
            {
              "name": "51087",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/51087"
            },
            {
              "name": "51024",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/51024"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2022-08-16T13:32Z",
      "publishedDate": "2010-05-27T19:30Z"
    }
  }
}

FKIE_CVE-2010-2089

Vulnerability from fkie_nvd - Published: 2010-05-27 19:30 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://bugs.python.org/issue7673	Patch, Vendor Advisory
cve@mitre.org	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	Mailing List, Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/40194	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/42888	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/43068	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/50858	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/51024	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/51040	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/51087	Third Party Advisory
cve@mitre.org	http://support.apple.com/kb/HT5002	Third Party Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2011-0027.html	Third Party Advisory
cve@mitre.org	http://www.securityfocus.com/bid/40863	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.ubuntu.com/usn/USN-1596-1	Third Party Advisory
cve@mitre.org	http://www.ubuntu.com/usn/USN-1613-1	Third Party Advisory
cve@mitre.org	http://www.ubuntu.com/usn/USN-1613-2	Third Party Advisory
cve@mitre.org	http://www.ubuntu.com/usn/USN-1616-1	Third Party Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2010/1448	Third Party Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2011/0122	Third Party Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2011/0212	Third Party Advisory
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=598197	Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://bugs.python.org/issue7673	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/40194	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42888	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43068	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/50858	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51024	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51040	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51087	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT5002	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2011-0027.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/40863	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1596-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1613-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1613-2	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1616-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/1448	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0122	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0212	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=598197	Issue Tracking, Third Party Advisory

Impacted products

Vendor	Product	Version
python	python	*
python	python	*
python	python	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7536F2B2-5752-490F-AADF-461A82C4BCB3",
              "versionEndExcluding": "2.5.6",
              "versionStartIncluding": "2.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CBBE2FD-8665-49A9-8608-981A979DDF6B",
              "versionEndExcluding": "2.6.6",
              "versionStartIncluding": "2.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B1FC450-BBF4-45E2-873E-3EB2CCA23845",
              "versionEndExcluding": "3.1.3",
              "versionStartIncluding": "3.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634."
    },
    {
      "lang": "es",
      "value": "El m\u00f3dulo audioop en Python v2.7 y v3.2 no verifica las relaciones entre tama\u00f1os de argumentos y longitud de cadenas de byte, lo que permite a atacantes de contexto causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de programa) a trav\u00e9s de argumentos manipulados, como queda demostrado por una llamada a audioop.reverse con una cadena de un byte, una vulnerabilidad diferente que CVE-2010-1634."
    }
  ],
  "id": "CVE-2010-2089",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-05-27T19:30:01.827",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://bugs.python.org/issue7673"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/40194"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/42888"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/43068"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/50858"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51024"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51040"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51087"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT5002"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0027.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/40863"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1596-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1613-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1613-2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1616-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1448"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0122"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0212"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=598197"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://bugs.python.org/issue7673"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/40194"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/42888"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/43068"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/50858"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51024"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51087"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT5002"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0027.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/40863"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1596-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1613-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1613-2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1616-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1448"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0122"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=598197"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTA-2012-AVI-046

Vulnerability from certfr_avis - Published: 2012-02-01 - Updated: 2012-02-01

Un grand nombre de vulnérabilités, dont certaines permettent d'exécuter du code arbitraire à distance, sont présentes dans VMware ESX et VMware ESXi.

Description

Un grand nombre de vulnérabilités existe dans VMWare ESX et VMware ESXi dont certaines, particulièrement critiques, peuvent conduire à une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	VMware	ESXi	VMware ESXi 4.1 ;
	VMware	ESXi	VMware ESX 4.1.

References

Title

Publication Time

Tags

Bulletin de sécurité VMware VMSA-2012-0001 du 30 janvier 2012	None	vendor-advisory
Bulletin de sécurité VMware VMSA-2012-0001 du 30 janvier 2012 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VMware ESXi 4.1 ;",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX 4.1.",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUn grand nombre de vuln\u00e9rabilit\u00e9s existe dans VMWare ESX et VMware ESXi\ndont certaines, particuli\u00e8rement critiques, peuvent conduire \u00e0 une\nex\u00e9cution de code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-1170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1170"
    },
    {
      "name": "CVE-2010-1634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1634"
    },
    {
      "name": "CVE-2010-2059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2059"
    },
    {
      "name": "CVE-2011-2901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2901"
    },
    {
      "name": "CVE-2011-2694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2694"
    },
    {
      "name": "CVE-2011-2213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2213"
    },
    {
      "name": "CVE-2010-4649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4649"
    },
    {
      "name": "CVE-2009-3560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3560"
    },
    {
      "name": "CVE-2011-1494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1494"
    },
    {
      "name": "CVE-2011-1044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1044"
    },
    {
      "name": "CVE-2011-3378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3378"
    },
    {
      "name": "CVE-2011-2022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2022"
    },
    {
      "name": "CVE-2011-1080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1080"
    },
    {
      "name": "CVE-2011-1746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1746"
    },
    {
      "name": "CVE-2011-0695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0695"
    },
    {
      "name": "CVE-2011-2522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2522"
    },
    {
      "name": "CVE-2011-1745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1745"
    },
    {
      "name": "CVE-2011-1780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1780"
    },
    {
      "name": "CVE-2011-1078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1078"
    },
    {
      "name": "CVE-2010-3493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3493"
    },
    {
      "name": "CVE-2011-1776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1776"
    },
    {
      "name": "CVE-2011-1171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1171"
    },
    {
      "name": "CVE-2011-1936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1936"
    },
    {
      "name": "CVE-2011-1678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1678"
    },
    {
      "name": "CVE-2011-1593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1593"
    },
    {
      "name": "CVE-2011-1182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1182"
    },
    {
      "name": "CVE-2011-1093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1093"
    },
    {
      "name": "CVE-2011-2517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2517"
    },
    {
      "name": "CVE-2011-1521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1521"
    },
    {
      "name": "CVE-2011-1763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1763"
    },
    {
      "name": "CVE-2011-2192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2192"
    },
    {
      "name": "CVE-2011-0726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0726"
    },
    {
      "name": "CVE-2011-1015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1015"
    },
    {
      "name": "CVE-2011-2492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2492"
    },
    {
      "name": "CVE-2011-1079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1079"
    },
    {
      "name": "CVE-2011-2525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2525"
    },
    {
      "name": "CVE-2011-2482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2482"
    },
    {
      "name": "CVE-2011-1573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1573"
    },
    {
      "name": "CVE-2011-1166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1166"
    },
    {
      "name": "CVE-2011-2689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2689"
    },
    {
      "name": "CVE-2010-0787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0787"
    },
    {
      "name": "CVE-2011-1172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1172"
    },
    {
      "name": "CVE-2011-1163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1163"
    },
    {
      "name": "CVE-2010-2089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2089"
    },
    {
      "name": "CVE-2010-0547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0547"
    },
    {
      "name": "CVE-2009-3720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3720"
    },
    {
      "name": "CVE-2011-1577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1577"
    },
    {
      "name": "CVE-2011-2519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2519"
    },
    {
      "name": "CVE-2011-1495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1495"
    },
    {
      "name": "CVE-2011-0711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0711"
    },
    {
      "name": "CVE-2011-2491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2491"
    },
    {
      "name": "CVE-2011-1576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1576"
    },
    {
      "name": "CVE-2011-2495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2495"
    }
  ],
  "initial_release_date": "2012-02-01T00:00:00",
  "last_revision_date": "2012-02-01T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2012-0001 du 30 janvier    2012 :",
      "url": "http://www.vmware.com/security/advisories/VMSA-2012-0001.html"
    }
  ],
  "reference": "CERTA-2012-AVI-046",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-02-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Un grand nombre de vuln\u00e9rabilit\u00e9s, dont certaines permettent d\u0027ex\u00e9cuter\ndu code arbitraire \u00e0 distance, sont pr\u00e9sentes dans VMware ESX et VMware\nESXi.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans VMware ESX et ESXi",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2012-0001 du 30 janvier 2012",
      "url": null
    }
  ]
}

CERTA-2011-AVI-564

Vulnerability from certfr_avis - Published: 2011-10-13 - Updated: 2011-10-13

Plusieurs vulnérabilités présentes dans Mac OS X ont été corrigées.

Description

De multiples vulnérabilités découvertes dans Mac OS X permettent à une personne malveillante d'exécuter du code arbitraire à distance avec potentiellement des privilèges élevés, de provoquer un déni de service, de contourner la politique de sécurité du système, de porter atteinte à la confidentialité et à l'intégrité des données ou encore de réaliser une injection de code indirecte.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	Mac OS X v10.6.8 ;
Apple	N/A	Mac OS X Lion Server v10.7 et v10.7.1 ;
Apple	N/A	Mac OS X Server v10.7 et v10.7.1.
Apple	N/A	Mac OS X Server v10.6.8 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT5002 du 12 octobre 2011	None	vendor-advisory
Référence CVE CVE-2010-3436 :	-	other
Référence CVE CVE-2011-0708 :	-	other
Référence CVE CVE-2011-1467 :	-	other
Référence CVE CVE-2011-1910 :	-	other
Référence CVE CVE-2011-3217 :	-	other
Référence CVE CVE-2011-1153 :	-	other
Référence CVE CVE-2011-3220 :	-	other
Référence CVE CVE-2010-3614 :	-	other
Référence CVE CVE-2011-0420 :	-	other
Référence CVE CVE-2011-0411 :	-	other
Référence CVE CVE-2011-0224 :	-	other
Référence CVE CVE-2010-3613 :	-	other
Référence CVE CVE-2011-3225 :	-	other
Référence CVE CVE-2011-0249 :	-	other
Référence CVE CVE-2011-3227 :	-	other
Référence CVE CVE-2011-1521 :	-	other
Référence CVE CVE-2011-0185 :	-	other
Référence CVE CVE-2011-0252 :	-	other
Référence CVE CVE-2011-0226 :	-	other
Référence CVE CVE-2010-4645 :	-	other
Référence CVE CVE-2011-3213 :	-	other
Référence CVE CVE-2011-3221 :	-	other
Référence CVE CVE-2011-1471 :	-	other
Référence CVE CVE-2011-3435 :	-	other
Référence CVE CVE-2011-3218 :	-	other
Référence CVE CVE-2011-0013 :	-	other
Référence CVE CVE-2010-1634 :	-	other
Référence CVE CVE-2011-0250 :	-	other
Référence CVE CVE-2011-3224 :	-	other
Référence CVE CVE-2011-0259 :	-	other
Référence CVE CVE-2011-2690 :	-	other
Référence CVE CVE-2011-3226 :	-	other
Référence CVE CVE-2011-3216 :	-	other
Référence CVE CVE-2011-3212 :	-	other
Référence CVE CVE-2010-2089 :	-	other
Référence CVE CVE-2010-3718 :	-	other
Référence CVE CVE-2011-0260 :	-	other
Référence CVE CVE-2011-3214 :	-	other
Référence CVE CVE-2010-1157 :	-	other
Référence CVE CVE-2011-0707 :	-	other
Référence CVE CVE-2011-3223 :	-	other
Référence CVE CVE-2011-3246 :	-	other
Référence CVE CVE-2010-2227 :	-	other
Référence CVE CVE-2010-4172 :	-	other
Référence CVE CVE-2011-3436 :	-	other
Référence CVE CVE-2011-2691 :	-	other
Référence CVE CVE-2011-3437 :	-	other
Référence CVE CVE-2009-4022 :	-	other
Référence CVE CVE-2011-0187 :	-	other
Référence CVE CVE-2011-3192 :	-	other
Référence CVE CVE-2011-1755 :	-	other
Référence CVE CVE-2010-0097 :	-	other
Référence CVE CVE-2011-0419 :	-	other
Référence CVE CVE-2011-1466 :	-	other
Référence CVE CVE-2011-0421 :	-	other
Référence CVE CVE-2011-0251 :	-	other
Référence CVE CVE-2011-3219 :	-	other
Référence CVE CVE-2011-0229 :	-	other
Référence CVE CVE-2011-3222 :	-	other
Référence CVE CVE-2011-0534 :	-	other
Référence CVE CVE-2011-3228 :	-	other
Référence CVE CVE-2011-3215 :	-	other
Référence CVE CVE-2011-1092 :	-	other
Référence CVE CVE-2011-0230 :	-	other
Référence CVE CVE-2011-1470 :	-	other
Référence CVE CVE-2011-0231 :	-	other
Référence CVE CVE-2011-2692 :	-	other
Référence CVE CVE-2011-1468 :	-	other
Référence CVE CVE-2011-2464 :	-	other
Référence CVE CVE-2011-1469 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X v10.6.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Lion Server v10.7 et v10.7.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server v10.7 et v10.7.1.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server v10.6.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans Mac OS X permettent \u00e0 une\npersonne malveillante d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance avec\npotentiellement des privil\u00e8ges \u00e9lev\u00e9s, de provoquer un d\u00e9ni de service,\nde contourner la politique de s\u00e9curit\u00e9 du syst\u00e8me, de porter atteinte \u00e0\nla confidentialit\u00e9 et \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es ou encore de r\u00e9aliser\nune injection de code indirecte.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-3216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3216"
    },
    {
      "name": "CVE-2011-3436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3436"
    },
    {
      "name": "CVE-2010-1634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1634"
    },
    {
      "name": "CVE-2011-3214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3214"
    },
    {
      "name": "CVE-2011-0187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0187"
    },
    {
      "name": "CVE-2011-3192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
    },
    {
      "name": "CVE-2011-3228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3228"
    },
    {
      "name": "CVE-2011-0421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0421"
    },
    {
      "name": "CVE-2011-0259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0259"
    },
    {
      "name": "CVE-2011-3221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3221"
    },
    {
      "name": "CVE-2010-4172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4172"
    },
    {
      "name": "CVE-2011-3217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3217"
    },
    {
      "name": "CVE-2011-3219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3219"
    },
    {
      "name": "CVE-2011-0534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0534"
    },
    {
      "name": "CVE-2011-0230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0230"
    },
    {
      "name": "CVE-2011-0229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0229"
    },
    {
      "name": "CVE-2011-1471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1471"
    },
    {
      "name": "CVE-2011-3222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3222"
    },
    {
      "name": "CVE-2011-1466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1466"
    },
    {
      "name": "CVE-2011-0226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0226"
    },
    {
      "name": "CVE-2011-0013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0013"
    },
    {
      "name": "CVE-2011-0231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0231"
    },
    {
      "name": "CVE-2011-3213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3213"
    },
    {
      "name": "CVE-2009-4022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4022"
    },
    {
      "name": "CVE-2011-1153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1153"
    },
    {
      "name": "CVE-2011-3218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3218"
    },
    {
      "name": "CVE-2011-2692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2692"
    },
    {
      "name": "CVE-2010-4645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4645"
    },
    {
      "name": "CVE-2011-0249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0249"
    },
    {
      "name": "CVE-2011-3212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3212"
    },
    {
      "name": "CVE-2011-0250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0250"
    },
    {
      "name": "CVE-2011-1092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1092"
    },
    {
      "name": "CVE-2011-3227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3227"
    },
    {
      "name": "CVE-2011-1469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1469"
    },
    {
      "name": "CVE-2010-2227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2227"
    },
    {
      "name": "CVE-2011-1910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1910"
    },
    {
      "name": "CVE-2011-3220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3220"
    },
    {
      "name": "CVE-2011-0708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0708"
    },
    {
      "name": "CVE-2010-3614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3614"
    },
    {
      "name": "CVE-2011-3224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3224"
    },
    {
      "name": "CVE-2011-3226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3226"
    },
    {
      "name": "CVE-2011-0260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0260"
    },
    {
      "name": "CVE-2011-2690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2690"
    },
    {
      "name": "CVE-2011-3215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3215"
    },
    {
      "name": "CVE-2010-3613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3613"
    },
    {
      "name": "CVE-2011-1521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1521"
    },
    {
      "name": "CVE-2011-1467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1467"
    },
    {
      "name": "CVE-2011-1755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1755"
    },
    {
      "name": "CVE-2011-3246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3246"
    },
    {
      "name": "CVE-2011-3435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3435"
    },
    {
      "name": "CVE-2011-2691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2691"
    },
    {
      "name": "CVE-2011-3437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3437"
    },
    {
      "name": "CVE-2011-0251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0251"
    },
    {
      "name": "CVE-2011-1470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1470"
    },
    {
      "name": "CVE-2011-3225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3225"
    },
    {
      "name": "CVE-2011-0411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0411"
    },
    {
      "name": "CVE-2010-3718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3718"
    },
    {
      "name": "CVE-2011-2464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2464"
    },
    {
      "name": "CVE-2010-3436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3436"
    },
    {
      "name": "CVE-2010-0097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0097"
    },
    {
      "name": "CVE-2011-0707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0707"
    },
    {
      "name": "CVE-2011-0252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0252"
    },
    {
      "name": "CVE-2011-0224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0224"
    },
    {
      "name": "CVE-2010-2089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2089"
    },
    {
      "name": "CVE-2011-0420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0420"
    },
    {
      "name": "CVE-2010-1157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1157"
    },
    {
      "name": "CVE-2011-0419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0419"
    },
    {
      "name": "CVE-2011-1468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1468"
    },
    {
      "name": "CVE-2011-3223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3223"
    },
    {
      "name": "CVE-2011-0185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0185"
    }
  ],
  "initial_release_date": "2011-10-13T00:00:00",
  "last_revision_date": "2011-10-13T00:00:00",
  "links": [
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-3436 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-3436"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0708 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0708"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1467 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1467"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1910 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1910"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3217 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3217"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1153 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1153"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3220 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3220"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-3614 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-3614"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0420 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0420"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0411 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0411"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0224 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0224"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-3613 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-3613"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3225 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3225"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0249 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0249"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3227 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3227"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1521 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1521"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0185 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0185"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0252 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0252"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0226 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0226"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-4645 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-4645"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3213 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3213"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3221 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3221"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1471 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1471"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3435 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3435"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3218 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3218"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0013 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0013"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-1634 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-1634"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0250 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0250"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3224 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3224"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0259 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0259"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-2690 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-2690"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3226 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3226"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3216 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3216"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3212 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3212"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-2089 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-2089"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-3718 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-3718"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0260 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0260"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3214 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3214"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-1157 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-1157"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0707 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0707"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3223 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3223"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3246 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3246"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-2227 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-2227"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-4172 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-4172"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3436 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3436"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-2691 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-2691"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3437 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3437"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2009-4022 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2009-4022"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0187 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0187"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3192 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3192"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1755 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1755"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-0097 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-0097"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0419 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0419"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1466 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1466"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0421 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0421"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0251 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0251"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3219 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3219"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0229 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0229"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3222 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3222"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0534 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0534"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3228 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3228"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3215 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3215"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1092 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1092"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0230 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0230"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1470 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1470"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0231 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0231"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-2692 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-2692"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1468 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1468"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-2464 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-2464"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1469 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1469"
    }
  ],
  "reference": "CERTA-2011-AVI-564",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-10-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans Mac OS X ont \u00e9t\u00e9 corrig\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT5002 du 12 octobre 2011",
      "url": "http://docs.info.apple.com/article.html?artnum=HT5002"
    }
  ]
}

GHSA-8428-FHPH-PVRC

Vulnerability from github – Published: 2022-05-13 01:31 – Updated: 2022-05-13 01:31

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-2089"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119",
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-05-27T19:30:00Z",
    "severity": "MODERATE"
  },
  "details": "The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.",
  "id": "GHSA-8428-fhph-pvrc",
  "modified": "2022-05-13T01:31:00Z",
  "published": "2022-05-13T01:31:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2089"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=598197"
    },
    {
      "type": "WEB",
      "url": "http://bugs.python.org/issue7673"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/40194"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/42888"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43068"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/50858"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/51024"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/51040"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/51087"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT5002"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0027.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/40863"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1596-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1613-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1613-2"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1616-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/1448"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0122"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0212"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-2089 (GCVE-0-2010-2089)

GSD-2010-2089

FKIE_CVE-2010-2089

CERTA-2012-AVI-046

Description

Solution

CERTA-2011-AVI-564

Description

Solution

GHSA-8428-FHPH-PVRC

Tags

Sightings

Nomenclature