5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
python is vulnerable to denial of service. Multiple integer overflow flaws were found in the Python imageop module. If a Python application used the imageop module to process untrusted images, it could cause the application to disclose sensitive information, crash or, potentially, execute arbitrary code with the Python interpreter’s privileges.
CPE | Name | Operator | Version |
---|---|---|---|
python | eq | 2.4.3__21.el5 | |
python | eq | 2.4.3__19.el5 | |
python | eq | 2.4.3__21.el5 | |
python | eq | 2.4.3__19.el5 |
bugs.gentoo.org/show_bug.cgi?id=192876
docs.info.apple.com/article.html?artnum=307179
lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
lists.grok.org.uk/pipermail/full-disclosure/2007-September/065826.html
lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html
lists.vmware.com/pipermail/security-announce/2008/000005.html
secunia.com/advisories/26837
secunia.com/advisories/27460
secunia.com/advisories/27562
secunia.com/advisories/27872
secunia.com/advisories/28136
secunia.com/advisories/28480
secunia.com/advisories/28838
secunia.com/advisories/29032
secunia.com/advisories/29303
secunia.com/advisories/29889
secunia.com/advisories/31255
secunia.com/advisories/31492
secunia.com/advisories/33937
secunia.com/advisories/37471
secunia.com/advisories/38675
support.apple.com/kb/HT3438
support.avaya.com/css/P8/documents/100074697
wiki.rpath.com/wiki/Advisories:rPSA-2007-0254
www.debian.org/security/2008/dsa-1551
www.debian.org/security/2008/dsa-1620
www.gentoo.org/security/en/glsa/glsa-200711-07.xml
www.mandriva.com/security/advisories?name=MDVSA-2008:012
www.mandriva.com/security/advisories?name=MDVSA-2008:013
www.redhat.com/security/updates/classification/#moderate
www.redhat.com/support/errata/RHSA-2007-1076.html
www.redhat.com/support/errata/RHSA-2008-0629.html
www.securityfocus.com/archive/1/487990/100/0/threaded
www.securityfocus.com/archive/1/488457/100/0/threaded
www.securityfocus.com/archive/1/507985/100/0/threaded
www.securityfocus.com/bid/25696
www.ubuntu.com/usn/usn-585-1
www.us-cert.gov/cas/techalerts/TA07-352A.html
www.vmware.com/security/advisories/VMSA-2009-0016.html
www.vupen.com/english/advisories/2007/3201
www.vupen.com/english/advisories/2007/4238
www.vupen.com/english/advisories/2008/0637
www.vupen.com/english/advisories/2009/3316
access.redhat.com/errata/RHSA-2009:1176
exchange.xforce.ibmcloud.com/vulnerabilities/36653
issues.rpath.com/browse/RPL-1885
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10804
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8486
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8496
www.redhat.com/archives/fedora-package-announce/2007-October/msg00378.html