Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-806-1
HistoryJul 23, 2009 - 12:00 a.m.

Python vulnerabilities

2009-07-2300:00:00
ubuntu.com
35

8.3 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

84.8%

JSON

Releases

  • Ubuntu 8.10
  • Ubuntu 8.04
  • Ubuntu 6.06

Packages

  • python2.4 -
  • python2.5 -

Details

It was discovered that Python incorrectly handled certain arguments in the
imageop module. If an attacker were able to pass specially crafted
arguments through the crop function, they could execute arbitrary code with
user privileges. For Python 2.5, this issue only affected Ubuntu 8.04 LTS.
(CVE-2008-4864)

Multiple integer overflows were discovered in Python’s stringobject and
unicodeobject expandtabs method. If an attacker were able to exploit these
flaws they could execute arbitrary code with user privileges or cause
Python applications to crash, leading to a denial of service.
(CVE-2008-5031)

OSVersionArchitecturePackageVersionFilename
Ubuntu8.10noarchpython2.4-minimal<Β 2.4.5-5ubuntu1.1UNKNOWN
Ubuntu8.10noarchpython2.4<Β 2.4.5-5ubuntu1.1UNKNOWN
Ubuntu8.10noarchpython2.4<Β dbg-2.4.5-5ubuntu1.1UNKNOWN
Ubuntu8.10noarchpython2.4<Β dev-2.4.5-5ubuntu1.1UNKNOWN
Ubuntu8.10noarchpython2.4<Β minimal-2.4.5-5ubuntu1.1UNKNOWN
Ubuntu8.04noarchpython2.5-minimal<Β 2.5.2-2ubuntu6UNKNOWN
Ubuntu8.04noarchpython2.5<Β 2.5.2-2ubuntu6UNKNOWN
Ubuntu8.04noarchpython2.5-dbg<Β 2.5.2-2ubuntu6UNKNOWN
Ubuntu8.04noarchpython2.5-dev<Β 2.5.2-2ubuntu6UNKNOWN
Ubuntu8.04noarchpython2.4-minimal<Β 2.4.5-1ubuntu4.2UNKNOWN
Rows per page:
1-10 of 201

Related

nessus 22
openvas 38
seebug 3
exploitpack 1
veracode 2
gentoo 1
exploitdb 1
cve 3
prion 3
ubuntucve 3
redhat 3
oraclelinux 3
centos 2
vmware 2
nessus
nessus
SuSE 10 Security Update : Python (ZYPP Patch Number 5837)
2009-09-24 00:00:00
SuSE9 Security Update : Python (YOU Patch Number 12316)
2009-09-24 00:00:00
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 : python2.4, python2.5 vulnerabilities (USN-806-1)
2009-07-24 00:00:00
openvas
openvas
SLES10: Security update for Python
2009-10-13 00:00:00
SLES9: Security update for Python
2009-10-10 00:00:00
Ubuntu USN-806-1 (python2.5)
2009-07-29 00:00:00
seebug
seebug
Python < 2.5.2 Imageop Module - 'imageop.crop()' Buffer Overflow Vulnerability
2014-07-01 00:00:00
Python &lt; 2.5.2 Imageop Module 'imageop.crop()' Buffer Overflow Vulnerability
2009-11-24 00:00:00
Python 'expandtabs'倚δΈͺζ•΄ζ•°ζΊ’ε‡ΊζΌζ΄ž
2013-02-03 00:00:00
exploitpack
exploitpack
Python 2.5.2 Imageop Module - imageop.crop() Buffer Overflow
2009-11-24 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:35:09
Denial Of Service (DoS)
2020-04-10 00:35:09
gentoo
gentoo
Python: Integer overflows
2009-07-19 00:00:00
exploitdb
exploitdb
Python &lt; 2.5.2 Imageop Module - &#039;imageop.crop()&#039; Buffer Overflow
2009-11-24 00:00:00
cve
cve
CVE-2008-5031
2008-11-10 16:15:00
CVE-2008-2315
2008-08-01 14:41:00
CVE-2008-4864
2008-11-01 00:00:00
prion
prion
Integer overflow
2008-08-01 14:41:00
Integer overflow
2008-11-10 16:15:00
Integer overflow
2008-11-01 00:00:00
ubuntucve
ubuntucve
CVE-2008-5031
2008-11-10 00:00:00
CVE-2008-2315
2008-08-01 00:00:00
CVE-2008-4864
2008-10-31 00:00:00
redhat
redhat
(RHSA-2009:1178) Moderate: python security update
2009-07-27 00:00:00
(RHSA-2009:1177) Moderate: python security update
2009-07-27 00:00:00
(RHSA-2009:1176) Moderate: python security update
2009-07-27 00:00:00
oraclelinux
oraclelinux
python security update
2009-07-27 00:00:00
python security update
2009-07-27 00:00:00
python security update
2009-07-27 00:00:00
centos
centos
python, tkinter security update
2009-07-27 15:25:44
python, tkinter security update
2009-07-29 17:31:50
vmware
vmware
VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.
2009-11-20 00:00:00
VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components
2009-11-20 00:00:00

8.3 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

84.8%

JSON
Related for USN-806-1
nessus22openvas38seebug3exploitpack1veracode2gentoo1exploitdb1cve3prion3ubuntucve3redhat3oraclelinux3centos2vmware2