CVE-2010-1666

Buffer overflow in Dan Pascu python-cjson 1.0.5, when UCS-4 encoding is enabled, allows context-dependent attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors involving crafted Unicode input to the cjson.encode function.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 70%
VendorProductVersion
dan_pascupython-cjson
1.0.5
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
python-cjson
lucid
Fixed 1.0.5-2ubuntu0.10.04.1
released
karmic
Fixed 1.0.5-2ubuntu0.9.10.1
released
jaunty
Fixed 1.0.5-1ubuntu0.9.04.1
released
hardy
Fixed 1.0.5-1ubuntu0.8.04.1
released
dapper
dne
Common Weakness Enumeration
References
http://secunia.com/advisories/40335
http://secunia.com/advisories/40500
http://www.debian.org/security/2010/dsa-2068
http://www.vupen.com/english/advisories/2010/1774
https://bugs.launchpad.net/ubuntu/+source/python-cjson/+bug/585274
http://secunia.com/advisories/40335
http://secunia.com/advisories/40500
http://www.debian.org/security/2010/dsa-2068
http://www.vupen.com/english/advisories/2010/1774
https://bugs.launchpad.net/ubuntu/+source/python-cjson/+bug/585274