Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-2052 — Off-by-one Error in Python

CWE-193 — Off-by-one Error8 documents7 sources

Severity

5.0MEDIUMNVD

EPSS

13.7%

top 5.71%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Python Vmware Esxi Vmware Tools +3 more

Timeline

PublishedApr 16

Latest updateMay 1

Description

Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages6 packages

▶NVDpython/python2.4.0, 2.5.0+1

▶vmwarevmware/esxi

▶vmwarevmware/vmware_tools

▶vmwarevmware/vmware_vsphere

▶vmwarevmware/vmware_workstation

🔴Vulnerability Details

GHSA

GHSA-7hcx-rxp8-j55g: Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule↗2022-05-01

▶

💥Exploits & PoCs

Exploit-DB

Python 2.5 - 'PyLocale_strxfrm' Remote Information Leak↗2007-05-08

▶

📋Vendor Advisories

VMware

VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.↗2009-11-20

▶

Ubuntu

Python vulnerabilities↗2008-03-11

▶

Red Hat

python off-by-one locale.strxfrm() (possible memory disclosure)↗2007-04-02

▶

💬Community

Bugzilla

CVE-2007-2052 python off-by-one locale.strxfrm() (possible memory disclosure)↗2007-04-03

▶

Bugzilla

CVE-2007-2052 Off-by-one in python's locale.strxfrm()↗2007-04-03

▶