Unrated severityNVD Advisory· Published Apr 16, 2007· Updated Jun 16, 2026
CVE-2007-2052
CVE-2007-2052
Description
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11cpe:2.3:a:python:python:2.4.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:python:python:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*
- osv-coords9 versionspkg:rpm/opensuse/python&distro=openSUSE%20Tumbleweedpkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP1pkg:rpm/suse/python&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/python&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/python&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015pkg:rpm/suse/python&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP1pkg:rpm/suse/python&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP1
< 2.7.18-8.1+ 8 more
- (no CPE)range: < 2.7.18-8.1
- (no CPE)range: < 2.7.17-7.32.1
- (no CPE)range: < 2.7.17-7.32.1
- (no CPE)range: < 2.7.17-7.32.1
- (no CPE)range: < 2.7.17-7.32.2
- (no CPE)range: < 2.7.17-7.32.2
- (no CPE)range: < 2.7.17-7.32.2
- (no CPE)range: < 2.7.17-7.32.2
- (no CPE)range: < 2.7.17-7.32.2
Patches
Vulnerability mechanics
References
38- bugs.debian.org/cgi-bin/bugreport.cginvdThird Party Advisory
- lists.vmware.com/pipermail/security-announce/2008/000005.htmlnvdThird Party Advisory
- secunia.com/advisories/37471nvdThird Party Advisory
- www.debian.org/security/2008/dsa-1551nvdThird Party Advisory
- www.debian.org/security/2008/dsa-1620nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdBroken LinkThird Party Advisory
- www.novell.com/linux/security/advisories/2007_13_sr.htmlnvdThird Party Advisory
- www.python.org/download/releases/2.5.1/NEWS.txtnvdBroken LinkVendor Advisory
- www.redhat.com/support/errata/RHSA-2007-1076.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2007-1077.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2008-0629.htmlnvdThird Party Advisory
- www.securityfocus.com/archive/1/469294/30/6450/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/488457/100/0/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/507985/100/0/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/23887nvdThird Party AdvisoryVDB Entry
- www.trustix.org/errata/2007/0019/nvdThird Party Advisory
- www.ubuntu.com/usn/usn-585-1nvdThird Party Advisory
- www.vmware.com/security/advisories/VMSA-2009-0016.htmlnvdBroken LinkThird Party Advisory
- www.vupen.com/english/advisories/2007/1465nvdBroken LinkThird Party Advisory
- www.vupen.com/english/advisories/2008/0637nvdBroken LinkThird Party Advisory
- www.vupen.com/english/advisories/2009/3316nvdBroken LinkThird Party Advisory
- issues.rpath.com/browse/RPL-1358nvdThird Party Advisory
- secunia.com/advisories/25190nvdBroken Link
- secunia.com/advisories/25217nvdBroken Link
- secunia.com/advisories/25233nvdBroken Link
- secunia.com/advisories/25353nvdBroken Link
- secunia.com/advisories/25787nvdBroken Link
- secunia.com/advisories/28027nvdBroken Link
- secunia.com/advisories/28050nvdBroken Link
- secunia.com/advisories/29032nvdBroken Link
- secunia.com/advisories/29303nvdBroken Link
- secunia.com/advisories/29889nvdBroken Link
- secunia.com/advisories/31255nvdBroken Link
- secunia.com/advisories/31492nvdBroken Link
- bugzilla.redhat.com/bugzilla/show_bug.cginvdIssue Tracking
- exchange.xforce.ibmcloud.com/vulnerabilities/34060nvdVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11716nvdBroken Link
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8353nvdBroken Link
News mentions
0No linked articles in our index yet.