CVE-2008-1679 - Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to

CVE-2008-1679

Summary

Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965.

References

Vulnerable Configurations

cpe:2.3:a:python_software_foundation:python:2.4:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:2.4:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:*:*:*:*:*:*:*:*
cpe:2.3:a:python_software_foundation:python:*:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 29-09-2017 - 01:30)
Impact:
Exploitability:

CWE

CWE-189

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

oval via4

accepted

2013-04-29T04:06:52.162-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 3
oval oval:org.mitre.oval:def:11782
comment CentOS Linux 3.x
oval oval:org.mitre.oval:def:16651
comment The operating system installed on the system is Red Hat Enterprise Linux 4
oval oval:org.mitre.oval:def:11831
comment CentOS Linux 4.x
oval oval:org.mitre.oval:def:16636
comment Oracle Linux 4.x
oval oval:org.mitre.oval:def:15990

description

family

unix

oval:org.mitre.oval:def:10583

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

version

accepted

2010-03-01T04:00:13.347-05:00

class

vulnerability

contributors

name	Pai Peng
organization	Hewlett-Packard

definition_extensions

comment Solaris 10 (SPARC) is installed
oval oval:org.mitre.oval:def:1440
comment Solaris 10 (x86) is installed
oval oval:org.mitre.oval:def:1926

description

family

unix

oval:org.mitre.oval:def:7800

status

accepted

submitted

2010-01-19T17:52:34.000-05:00

title

Multiple Buffer and Integer Overflow Vulnerabilities in Python (python(1)) May Lead to a Denial of Service (DoS) or Allow Execution of Arbitrary Code

version

redhat via4

rpms

python-0:2.3.4-14.7.el4_8.2
python-devel-0:2.3.4-14.7.el4_8.2
python-docs-0:2.3.4-14.7.el4_8.2
python-tools-0:2.3.4-14.7.el4_8.2
tkinter-0:2.3.4-14.7.el4_8.2
python-0:2.2.3-6.11
python-devel-0:2.2.3-6.11
python-tools-0:2.2.3-6.11
tkinter-0:2.2.3-6.11

refmap via4

apple	APPLE-SA-2009-02-12
confirm	http://bugs.python.org/issue1179 http://support.apple.com/kb/HT3438 http://support.avaya.com/css/P8/documents/100074697 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0149 http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5032900 https://issues.rpath.com/browse/RPL-2424
debian	DSA-1551 DSA-1620
gentoo	GLSA-200807-01
mandriva	MDVSA-2008:163 MDVSA-2008:164
misc	http://bugs.python.org/msg64682
secunia	29889 29955 30872 31255 31358 31365 31518 31687 33937 38675
slackware	SSA:2008-217-01
suse	SUSE-SR:2008:017
ubuntu	USN-632-1
xf	python-imageopc-bo(41958)

statements via4

contributor	Joshua Bressers
lastmodified	2008-04-22
organization	Red Hat
statement	Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-1679 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/

Last major update

29-09-2017 - 01:30

Published

22-04-2008 - 04:41