Unrated severity · NVD Advisory · Published Apr 16, 2007 · Updated Apr 23, 2026
CVE-2007-2052
Description
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.
Affected products
- cpe:2.3:a:python:python:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*
Patches
No patches discovered yet.
References
- bugs.debian.org/cgi-bin/bugreport.cgi [nvd] Third Party Advisory
- lists.vmware.com/pipermail/security-announce/2008/000005.html [nvd] Third Party Advisory
- secunia.com/advisories/37471 [nvd] Third Party Advisory
- www.debian.org/security/2008/dsa-1551 [nvd] Third Party Advisory
- www.debian.org/security/2008/dsa-1620 [nvd] Third Party Advisory
- www.mandriva.com/security/advisories [nvd] Broken Link, Third Party Advisory
- www.novell.com/linux/security/advisories/2007_13_sr.html [nvd] Third Party Advisory
- www.python.org/download/releases/2.5.1/NEWS.txt [nvd] Broken Link, Vendor Advisory
- www.redhat.com/support/errata/RHSA-2007-1076.html [nvd] Third Party Advisory
- www.redhat.com/support/errata/RHSA-2007-1077.html [nvd] Third Party Advisory
- www.redhat.com/support/errata/RHSA-2008-0629.html [nvd] Third Party Advisory
- www.securityfocus.com/archive/1/469294/30/6450/threaded [nvd] Third Party Advisory, VDB Entry
- www.securityfocus.com/archive/1/488457/100/0/threaded [nvd] Third Party Advisory, VDB Entry
- www.securityfocus.com/archive/1/507985/100/0/threaded [nvd] Third Party Advisory, VDB Entry
- www.securityfocus.com/bid/23887 [nvd] Third Party Advisory, VDB Entry
- www.trustix.org/errata/2007/0019/ [nvd] Third Party Advisory
- www.ubuntu.com/usn/usn-585-1 [nvd] Third Party Advisory
- www.vmware.com/security/advisories/VMSA-2009-0016.html [nvd] Broken Link, Third Party Advisory
- www.vupen.com/english/advisories/2007/1465 [nvd] Broken Link, Third Party Advisory
- www.vupen.com/english/advisories/2008/0637 [nvd] Broken Link, Third Party Advisory
- www.vupen.com/english/advisories/2009/3316 [nvd] Broken Link, Third Party Advisory
- issues.rpath.com/browse/RPL-1358 [nvd] Third Party Advisory
- secunia.com/advisories/25190 [nvd] Broken Link
- secunia.com/advisories/25217 [nvd] Broken Link
- secunia.com/advisories/25233 [nvd] Broken Link
- secunia.com/advisories/25353 [nvd] Broken Link
- secunia.com/advisories/25787 [nvd] Broken Link
- secunia.com/advisories/28027 [nvd] Broken Link
- secunia.com/advisories/28050 [nvd] Broken Link
- secunia.com/advisories/29032 [nvd] Broken Link
- secunia.com/advisories/29303 [nvd] Broken Link
- secunia.com/advisories/29889 [nvd] Broken Link
- secunia.com/advisories/31255 [nvd] Broken Link
- secunia.com/advisories/31492 [nvd] Broken Link
- bugzilla.redhat.com/bugzilla/show_bug.cgi [nvd] Issue Tracking
- exchange.xforce.ibmcloud.com/vulnerabilities/34060 [nvd] VDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11716 [nvd] Broken Link
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8353 [nvd] Broken Link