ID CVE-2008-1679
Summary Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965.
References
Vulnerable Configurations
  • cpe:2.3:a:python_software_foundation:python:2.4:*:*:*:*:*:*:*
    cpe:2.3:a:python_software_foundation:python:2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:python_software_foundation:python:*:*:*:*:*:*:*:*
    cpe:2.3:a:python_software_foundation:python:*:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 29-09-2017 - 01:30)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
oval via4
  • accepted 2013-04-29T04:06:52.162-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    description Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965.
    family unix
    id oval:org.mitre.oval:def:10583
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965.
    version 23
  • accepted 2010-03-01T04:00:13.347-05:00
    class vulnerability
    contributors
    name Pai Peng
    organization Hewlett-Packard
    definition_extensions
    • comment Solaris 10 (SPARC) is installed
      oval oval:org.mitre.oval:def:1440
    • comment Solaris 10 (x86) is installed
      oval oval:org.mitre.oval:def:1926
    description Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965.
    family unix
    id oval:org.mitre.oval:def:7800
    status accepted
    submitted 2010-01-19T17:52:34.000-05:00
    title Multiple Buffer and Integer Overflow Vulnerabilities in Python (python(1)) May Lead to a Denial of Service (DoS) or Allow Execution of Arbitrary Code
    version 31
redhat via4
rpms
  • python-0:2.3.4-14.7.el4_8.2
  • python-devel-0:2.3.4-14.7.el4_8.2
  • python-docs-0:2.3.4-14.7.el4_8.2
  • python-tools-0:2.3.4-14.7.el4_8.2
  • tkinter-0:2.3.4-14.7.el4_8.2
  • python-0:2.2.3-6.11
  • python-devel-0:2.2.3-6.11
  • python-tools-0:2.2.3-6.11
  • tkinter-0:2.2.3-6.11
refmap via4
apple APPLE-SA-2009-02-12
confirm
debian
  • DSA-1551
  • DSA-1620
gentoo GLSA-200807-01
mandriva
  • MDVSA-2008:163
  • MDVSA-2008:164
misc http://bugs.python.org/msg64682
secunia
  • 29889
  • 29955
  • 30872
  • 31255
  • 31358
  • 31365
  • 31518
  • 31687
  • 33937
  • 38675
slackware SSA:2008-217-01
suse SUSE-SR:2008:017
ubuntu USN-632-1
xf python-imageopc-bo(41958)
statements via4
contributor Joshua Bressers
lastmodified 2008-04-22
organization Red Hat
statement Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-1679 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/
Last major update 29-09-2017 - 01:30
Published 22-04-2008 - 04:41
Back to Top