Lucene search

MitreCVELIST:CVE-2007-4965

HistorySep 18, 2007 - 10:00 p.m.

CVE-2007-4965

2007-09-1822:00:00

mitre

www.cve.org

AI Score

6.8

Confidence

High

EPSS

0.062

Percentile

93.6%

JSON

Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) the tovideo method, and unspecified other vectors related to (2) imageop.c, (3) rbgimgmodule.c, and other files, which trigger heap-based buffer overflows.

References

bugs.gentoo.org/show_bug.cgi?id=192876

docs.info.apple.com/article.html?artnum=307179

lists.apple.com/archives/security-announce/2007/Dec/msg00002.html

lists.apple.com/archives/security-announce/2009/Feb/msg00000.html

lists.grok.org.uk/pipermail/full-disclosure/2007-September/065826.html

lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html

lists.vmware.com/pipermail/security-announce/2008/000005.html

secunia.com/advisories/26837

secunia.com/advisories/27460

secunia.com/advisories/27562

secunia.com/advisories/27872

secunia.com/advisories/28136

secunia.com/advisories/28480

secunia.com/advisories/28838

secunia.com/advisories/29032

secunia.com/advisories/29303

secunia.com/advisories/29889

secunia.com/advisories/31255

secunia.com/advisories/31492

secunia.com/advisories/33937

secunia.com/advisories/37471

secunia.com/advisories/38675

support.apple.com/kb/HT3438

support.avaya.com/css/P8/documents/100074697

wiki.rpath.com/wiki/Advisories:rPSA-2007-0254

www.debian.org/security/2008/dsa-1551

www.debian.org/security/2008/dsa-1620

www.gentoo.org/security/en/glsa/glsa-200711-07.xml

www.mandriva.com/security/advisories?name=MDVSA-2008:012

www.mandriva.com/security/advisories?name=MDVSA-2008:013

www.redhat.com/support/errata/RHSA-2007-1076.html

www.redhat.com/support/errata/RHSA-2008-0629.html

www.securityfocus.com/archive/1/487990/100/0/threaded

www.securityfocus.com/archive/1/488457/100/0/threaded

www.securityfocus.com/archive/1/507985/100/0/threaded

www.securityfocus.com/bid/25696

www.ubuntu.com/usn/usn-585-1

www.us-cert.gov/cas/techalerts/TA07-352A.html

www.vmware.com/security/advisories/VMSA-2009-0016.html

www.vupen.com/english/advisories/2007/3201

www.vupen.com/english/advisories/2007/4238

www.vupen.com/english/advisories/2008/0637

www.vupen.com/english/advisories/2009/3316

exchange.xforce.ibmcloud.com/vulnerabilities/36653

issues.rpath.com/browse/RPL-1885

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10804

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8486

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8496

www.redhat.com/archives/fedora-package-announce/2007-October/msg00378.html