CVE-2010-1634 (retired)

Priority
Description
Multiple integer overflows in audioop.c in the audioop module in Python
2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial
of service (application crash) via a large fragment, as demonstrated by a
call to audioop.lin2lin with a long string in the first argument, leading
to a buffer overflow. NOTE: this vulnerability exists because of an
incorrect fix for CVE-2008-3143.5.
Assigned-to
jdstrand
Package
Upstream:needs-triage
Package
Upstream:released (2.7-1)
Package
Upstream:released (3.2)
More Information

Updated: 2019-03-26 11:51:32 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)