CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-2135

The utf-16 decoder in Python 3.1 through 3.3 does not update the aligned_end variable after calling the unicode_decode_call_errorhandler function, which allows remote attackers to obtain sensitive information (process memory) or cause a denial of service (memory corruption and crash) via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.017

EPSS Ranking 81.3%

CVSS Severity

CVSS v2 Score 6.4

References

Products affected by CVE-2012-2135

Python » Python » Version: 2.7.0

cpe:2.3:a:python:python:2.7.0
Python » Python » Version: 2.7.1

cpe:2.3:a:python:python:2.7.1
Python » Python » Version: 2.7.2

cpe:2.3:a:python:python:2.7.2
Python » Python » Version: 2.7.3

cpe:2.3:a:python:python:2.7.3
Python » Python » Version: 3.2.0

cpe:2.3:a:python:python:3.2.0
Python » Python » Version: 3.2.1

cpe:2.3:a:python:python:3.2.1
Python » Python » Version: 3.2.2

cpe:2.3:a:python:python:3.2.2
Python » Python » Version: 3.2.3

cpe:2.3:a:python:python:3.2.3
Python » Python » Version: 3.3.0

cpe:2.3:a:python:python:3.3.0
Python » Python » Version: 3.3.1

cpe:2.3:a:python:python:3.3.1
Python » Python » Version: 3.3.2

cpe:2.3:a:python:python:3.3.2
Canonical » Ubuntu Linux » Version: 10.04

cpe:2.3:o:canonical:ubuntu_linux:10.04
Canonical » Ubuntu Linux » Version: 11.04

cpe:2.3:o:canonical:ubuntu_linux:11.04
Canonical » Ubuntu Linux » Version: 11.10

cpe:2.3:o:canonical:ubuntu_linux:11.10
Canonical » Ubuntu Linux » Version: 12.04

cpe:2.3:o:canonical:ubuntu_linux:12.04
Canonical » Ubuntu Linux » Version: 12.10

cpe:2.3:o:canonical:ubuntu_linux:12.10
Debian » Debian Linux » Version: 6.0

cpe:2.3:o:debian:debian_linux:6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-2135

Products

Pricing

Contact Us