FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

python -- buffer overrun in repr() for unicode strings

Affected packages
0 <= python+ipv6
python < 2.4.3_1
2.5.* < python < 2.5.c2

Details

VuXML ID fe83eb5b-55e1-11db-a5ae-00508d6a62df
Discovery 2006-08-15
Entry 2006-10-07
Modified 2006-10-08

Benjamin C. Wiley Sittler reports:

I discovered a [buffer overrun in repr() for unicode strings]. This causes an unpatched non-debug wide (UTF-32/UCS-4) build of python to abort.

Ubuntu security team reports:

If an application uses repr() on arbitrary untrusted data, this [bug] could be exploited to execute arbitrary code with the privileges of the python application.

References

CVE Name CVE-2006-4980
URL http://secunia.com/advisories/22276/
URL http://www.ubuntu.com/usn/usn-359-1
URL https://launchpad.net/distros/ubuntu/+source/python2.4/+bug/56633