Home Corporate Website Jobs Mailing Lists RSS Blog New entry Advertise
	Software Inspectors   Scan Online   Personal (PSI)   Network (NSI 2.0)   - NEW - Solutions For   Security Professionals   Security Vendors Free Solutions For   Open Communities   Journalists & Media Secunia Advisories   Search   Historic Advisories   Listed By Product   Listed By Vendor   Statistics / Graphs   Secunia Research   Report Vulnerability   About Advisories Virus Information   Chronological List   Last 10 Virus Alerts   About Virus Information Secunia Customers   Customer Area CVE Reference: CVE-2007-2052 NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. Original Page at CVE MITRE: CVE-2007-2052 Description: Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination. CVE Status: Candidate References: UBUNTU   http://www.ubuntu.com/usn/usn-585-1 TRUSTIX   http://www.trustix.org/errata/2007/0019/ SUSE   http://www.novell.com/linux/security/advisories/2007_13_sr.html SAID   Secunia Advisory: SA25787   Secunia Advisory: SA25233   Secunia Advisory: SA25353   Secunia Advisory: SA25217   Secunia Advisory: SA25190   Secunia Advisory: SA28027   Secunia Advisory: SA28050   Secunia Advisory: SA29032   Secunia Advisory: SA29303   Secunia Advisory: SA29889 REDHAT   http://www.redhat.com/support/errata/RHSA-2007-1076.html   http://www.redhat.com/support/errata/RHSA-2007-1077.html MLIST   http://lists.vmware.com/pipermail/security-announce/2008/000005.html MANDRIVA   http://www.mandriva.com/security/advisories?name=MDKSA-2007:099 DEBIAN   http://www.debian.org/security/2008/dsa-1551 CONFIRM   http://www.python.org/download/releases/2.5.1/NEWS.txt   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=416934 BUGTRAQ   http://www.securityfocus.com/archive/1/archive/1/488457/100/0/threaded BID   23887 Return to the previous page. Secunia PSI Scan | Patch | Track Free Download Secunia Poll Do you think it's important to read Setup/User Guides for applications for use within your network? Yes, I do it all the time Yes, but I do it rarely No See Results    Most Popular Advisories 1. Microsoft Windows XP I2O Utility Filter Driver Privilege Escalation 2. Citrix Access Gateway Unspecified Authentication Bypass 3. Kmita Mail "file" File Inclusion Vulnerability 4. Debian update for kernel 5. Novell Client Login Long Username/Contex t Buffer Overflow 6. GNU Emacs "fast-lock-mode " File Processing Vulnerability 7. Gentoo update for aterm, eterm, rxvt, mrxvt, multi-aterm, wterm, and rxvt-unicode 8. Battle.net Clan Script "showmember" SQL Injection Vulnerability 9. IBM Lotus Quickr WYSIWYG Editors Unspecified Cross-Site Scripting 10. rxvt-unicode X11 Display Security Issue
Vulnerability Management - Terms & Conditions - Copyright 2002-2008 Secunia - Compliance - Contact Secunia