Ubuntu Security Notice USN-806-1 - It was discovered that Python incorrectly handled certain arguments in the imageop module. If an attacker were able to pass specially crafted arguments through the crop function, they could execute arbitrary code with user privileges. For Python 2.5, this issue only affected Ubuntu 8.04 LTS. Multiple integer overflows were discovered in Python's stringobject and unicodeobject expandtabs method. If an attacker were able to exploit these flaws they could execute arbitrary code with user privileges or cause Python applications to crash, leading to a denial of service.
c8fae5e6de505386b8a8bf4f7a7ec80d7d5ec6659c0974814d50ac793bc6138dMandriva Linux Security Advisory 2009-036 - Multiple integer overflows exist in various versions of python. The updated Python packages have been patched to correct these issues.
4bc7c56b44f04c83e5be7c57de9017257d3056e21d5866a60447ee4c5deced03Mandriva Linux Security Advisory 2009-003 - Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow. Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. The updated Python packages have been patched to correct these issues.
28d63a5f76ce1c5a97ac6618dfcd9bf320b89e89ddb038a765988adc6e0b6471
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed