Vulnerability Details CVE-2010-1666
Buffer overflow in Dan Pascu python-cjson 1.0.5, when UCS-4 encoding is enabled, allows context-dependent attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors involving crafted Unicode input to the cjson.encode function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.9%
CVSS Severity
CVSS v2 Score 6.8
References
- http://secunia.com/advisories/40335
- http://secunia.com/advisories/40500
- http://www.debian.org/security/2010/dsa-2068
- http://www.vupen.com/english/advisories/2010/1774
- https://bugs.launchpad.net/ubuntu/+source/python-cjson/+bug/585274
- http://secunia.com/advisories/40335
- http://secunia.com/advisories/40500
- http://www.debian.org/security/2010/dsa-2068
- http://www.vupen.com/english/advisories/2010/1774
- https://bugs.launchpad.net/ubuntu/+source/python-cjson/+bug/585274
Products affected by CVE-2010-1666
-
cpe:2.3:a:dan_pascu:python-cjson:1.0.5