CVE-2008-4864

EUVD-2008-4843
Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679.
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 7.5 UNKNOWN | NETWORK | LOW | | AV:N/AC:L/Au:N/C:P/I:P/A:P |
EPSS Score
Percentile: 93%

Affected Products (NVD)

| Vendor | Product | Version |
|---|---|---|
| python | python | 1.5.2 ≤ 𝑥 < 2.4.6 |
| python | python | 2.5.0 ≤ 𝑥 < 2.5.3 |

𝑥 = Vulnerable software versions

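Ubuntu Releases

| Ubuntu Product | Codename | Status |
|---|---|---|
| python2.2 | dapper | ignored |
| python2.2 | gutsy | dne |
| python2.2 | hardy | dne |
| python2.2 | intrepid | dne |
| python2.2 | jaunty | dne |
| python2.2 | karmic | dne |
| python2.3 | dapper | ignored |
| python2.3 | gutsy | dne |
| python2.3 | hardy | dne |
| python2.3 | intrepid | dne |
| python2.3 | jaunty | dne |
| python2.3 | karmic | dne |
| python2.4 | dapper | Fixed 2.4.3-0ubuntu6.3 (released) |
| python2.4 | gutsy | ignored |
| python2.4 | hardy | Fixed 2.4.5-1ubuntu4.2 (released) |
| python2.4 | intrepid | Fixed 2.4.5-5ubuntu1.1 (released) |
| python2.4 | jaunty | not-affected |
| python2.4 | karmic | not-affected |
| python2.5 | dapper | dne |
| python2.5 | gutsy | ignored |
| python2.5 | hardy | Fixed 2.5.2-2ubuntu6 (released) |
| python2.5 | intrepid | not-affected |
| python2.5 | jaunty | not-affected |
| python2.5 | karmic | not-affected |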