CVE-2008-4864

Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 94%
VendorProductVersion
pythonpython
1.5.2 ≤
𝑥
< 2.4.6
pythonpython
2.5.0 ≤
𝑥
< 2.5.3
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
python2.2
karmic
dne
jaunty
dne
intrepid
dne
hardy
dne
gutsy
dne
dapper
ignored
python2.3
karmic
dne
jaunty
dne
intrepid
dne
hardy
dne
gutsy
dne
dapper
ignored
python2.4
karmic
not-affected
jaunty
not-affected
intrepid
Fixed 2.4.5-5ubuntu1.1
released
hardy
Fixed 2.4.5-1ubuntu4.2
released
gutsy
ignored
dapper
Fixed 2.4.3-0ubuntu6.3
released
python2.5
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
Fixed 2.5.2-2ubuntu6
released
gutsy
ignored
dapper
dne
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
http://scary.beasts.org/security/CESA-2008-008.html
http://secunia.com/advisories/33937
http://secunia.com/advisories/37471
http://support.apple.com/kb/HT3438
http://svn.python.org/view/python/trunk/Modules/imageop.c?rev=66689&view=diff&r1=66689&r2=66688&p1=python/trunk/Modules/imageop.c&p2=/python/trunk/Modules/imageop.c
http://svn.python.org/view?rev=66689&view=rev
http://www.openwall.com/lists/oss-security/2008/10/27/2
http://www.openwall.com/lists/oss-security/2008/10/29/3
http://www.securityfocus.com/archive/1/507985/100/0/threaded
http://www.securityfocus.com/bid/31932
http://www.securityfocus.com/bid/31976
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
http://www.vupen.com/english/advisories/2009/3316
https://exchange.xforce.ibmcloud.com/vulnerabilities/46606
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10702
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8354
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
http://scary.beasts.org/security/CESA-2008-008.html
http://secunia.com/advisories/33937
http://secunia.com/advisories/37471
http://support.apple.com/kb/HT3438
http://svn.python.org/view/python/trunk/Modules/imageop.c?rev=66689&view=diff&r1=66689&r2=66688&p1=python/trunk/Modules/imageop.c&p2=/python/trunk/Modules/imageop.c
http://svn.python.org/view?rev=66689&view=rev
http://www.openwall.com/lists/oss-security/2008/10/27/2
http://www.openwall.com/lists/oss-security/2008/10/29/3
http://www.securityfocus.com/archive/1/507985/100/0/threaded
http://www.securityfocus.com/bid/31932
http://www.securityfocus.com/bid/31976
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
http://www.vupen.com/english/advisories/2009/3316
https://exchange.xforce.ibmcloud.com/vulnerabilities/46606
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10702
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8354