CVE-2010-1634

Priority
Description
Multiple integer overflows in audioop.c in the audioop module in Python
2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial
of service (application crash) via a large fragment, as demonstrated by a
call to audioop.lin2lin with a long string in the first argument, leading
to a buffer overflow. NOTE: this vulnerability exists because of an
incorrect fix for CVE-2008-3143.5.
Assigned-to
jdstrand
Package
Upstream:needs-triage
Package
Upstream:released (2.7-1)
Package
Upstream:released (3.2)
More Information

Updated: 2019-01-14 21:52:29 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)