CVE-2007-4965

2007-09-1800:00:00

ubuntu.com

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

0.046 Low

EPSS

Percentile

92.5%

JSON

Multiple integer overflows in the imageop module in Python 2.5.1 and
earlier allow context-dependent attackers to cause a denial of service
(application crash) and possibly obtain sensitive information (memory
contents) via crafted arguments to (1) the tovideo method, and unspecified
other vectors related to (2) imageop.c, (3) rbgimgmodule.c, and other
files, which trigger heap-based buffer overflows.

Bugs

<https://bugs.launchpad.net/ubuntu/gutsy/+source/python2.5/+bug/163845>

Notes

Author	Note
jdstrand	bug report has debdiffs

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchpython2.4< 2.4.3-0ubuntu6.1UNKNOWN
ubuntu6.10noarchpython2.4< 2.4.4~c1-0ubuntu1.1UNKNOWN
ubuntu7.04noarchpython2.4< 2.4.4-2ubuntu7.1UNKNOWN
ubuntu7.10noarchpython2.4< 2.4.4-6ubuntu4.1UNKNOWN
ubuntu6.10noarchpython2.5< 2.5-2ubuntu2.1UNKNOWN
ubuntu7.04noarchpython2.5< 2.5.1-0ubuntu1.1UNKNOWN
ubuntu7.10noarchpython2.5< 2.5.1-5ubuntu5.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	6.06	noarch	python2.4	< 2.4.3-0ubuntu6.1	UNKNOWN
ubuntu	6.10	noarch	python2.4	< 2.4.4~c1-0ubuntu1.1	UNKNOWN
ubuntu	7.04	noarch	python2.4	< 2.4.4-2ubuntu7.1	UNKNOWN
ubuntu	7.10	noarch	python2.4	< 2.4.4-6ubuntu4.1	UNKNOWN
ubuntu	6.10	noarch	python2.5	< 2.5-2ubuntu2.1	UNKNOWN
ubuntu	7.04	noarch	python2.5	< 2.5.1-0ubuntu1.1	UNKNOWN
ubuntu	7.10	noarch	python2.5	< 2.5.1-5ubuntu5.1	UNKNOWN