exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2008-4864

Status Candidate

Overview

Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679.

Related Files

Ubuntu Security Notice 806-1
Posted Jul 23, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-806-1 - It was discovered that Python incorrectly handled certain arguments in the imageop module. If an attacker were able to pass specially crafted arguments through the crop function, they could execute arbitrary code with user privileges. For Python 2.5, this issue only affected Ubuntu 8.04 LTS. Multiple integer overflows were discovered in Python's stringobject and unicodeobject expandtabs method. If an attacker were able to exploit these flaws they could execute arbitrary code with user privileges or cause Python applications to crash, leading to a denial of service.

tags | advisory, denial of service, overflow, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2008-4864, CVE-2008-5031
SHA-256 | c8fae5e6de505386b8a8bf4f7a7ec80d7d5ec6659c0974814d50ac793bc6138d
Mandriva Linux Security Advisory 2009-036
Posted Feb 12, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-036 - Multiple integer overflows exist in various versions of python. The updated Python packages have been patched to correct these issues.

tags | advisory, overflow, python
systems | linux, mandriva
advisories | CVE-2008-2315, CVE-2008-4864, CVE-2008-5031
SHA-256 | 4bc7c56b44f04c83e5be7c57de9017257d3056e21d5866a60447ee4c5deced03
Mandriva Linux Security Advisory 2009-003
Posted Jan 12, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-003 - Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow. Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. The updated Python packages have been patched to correct these issues.

tags | advisory, overflow, arbitrary, python
systems | linux, mandriva
advisories | CVE-2008-4864, CVE-2008-5031
SHA-256 | 28d63a5f76ce1c5a97ac6618dfcd9bf320b89e89ddb038a765988adc6e0b6471
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close