5.8

CVE-2007-4965

Exploit
Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) the tovideo method, and unspecified other vectors related to (2) imageop.c, (3) rbgimgmodule.c, and other files, which trigger heap-based buffer overflows.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PythonPython Version <= 2.5.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 12.49% 0.957
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.8 8.6 4.9
AV:N/AC:M/Au:N/C:P/I:N/A:P
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

http://secunia.com/advisories/31492
Broken Link
http://www.redhat.com/support/errata/RHSA-2008-0629.html
Third Party Advisory
http://docs.info.apple.com/article.html?artnum=307179
Third Party Advisory
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
Mailing List
http://secunia.com/advisories/28136
Broken Link
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
Third Party Advisory
US Government Resource
http://www.vupen.com/english/advisories/2007/4238
Broken Link
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
Mailing List
http://secunia.com/advisories/33937
Broken Link
http://support.apple.com/kb/HT3438
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html
Third Party Advisory
http://secunia.com/advisories/28838
Broken Link
http://lists.vmware.com/pipermail/security-announce/2008/000005.html
Third Party Advisory
http://secunia.com/advisories/29032
Broken Link
http://secunia.com/advisories/29303
Broken Link
http://secunia.com/advisories/29889
Broken Link
http://secunia.com/advisories/31255
Broken Link
http://secunia.com/advisories/37471
Broken Link
http://www.debian.org/security/2008/dsa-1551
Third Party Advisory
http://www.debian.org/security/2008/dsa-1620
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-1076.html
Third Party Advisory
http://www.securityfocus.com/archive/1/488457/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/usn-585-1
Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Third Party Advisory
http://www.vupen.com/english/advisories/2008/0637
Broken Link
http://www.vupen.com/english/advisories/2009/3316
Broken Link
http://bugs.gentoo.org/show_bug.cgi?id=192876
Third Party Advisory
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065826.html
Exploit
http://secunia.com/advisories/26837
Broken Link
http://secunia.com/advisories/27460
Broken Link
http://secunia.com/advisories/27562
Broken Link
http://secunia.com/advisories/27872
Broken Link
http://secunia.com/advisories/28480
Broken Link
http://secunia.com/advisories/38675
Broken Link
http://support.avaya.com/css/P8/documents/100074697
Third Party Advisory
http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0254
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200711-07.xml
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:012
Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2008:013
Broken Link
http://www.securityfocus.com/archive/1/487990/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/25696
Third Party Advisory
Exploit
VDB Entry
http://www.vupen.com/english/advisories/2007/3201
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/36653
VDB Entry
https://issues.rpath.com/browse/RPL-1885
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10804
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8486
Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8496
Broken Link
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00378.html
Third Party Advisory