Vulnerabilities > CVE-2008-4864 - Integer Overflow or Wraparound vulnerability in Python

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
python
CWE-190
nessus
exploit available
NVD
Published: 2008-11-01
Updated: 2022-07-05

Summary

Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679.

Vulnerable Configurations

Part Description Count
Application
Python
31

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.

Exploit-Db

  • descriptionPython 2.5.2 'Imageop' Module Argument Validation Buffer Overflow Vulnerability. CVE-2008-4864. Dos exploit for unix platform
    idEDB-ID:32534
    last seen2016-02-03
    modified2008-10-27
    published2008-10-27
    reporterChris Evans
    sourcehttps://www.exploit-db.com/download/32534/
    titlePython <= 2.5.2 - 'Imageop' Module Argument Validation Buffer Overflow Vulnerability
  • descriptionPython < 2.5.2 Imageop Module - 'imageop.crop()' Buffer Overflow Vulnerability. CVE-2008-4864. Dos exploits for multiple platform
    idEDB-ID:10229
    last seen2016-02-01
    modified2009-11-24
    published2009-11-24
    reporterChris Evans
    sourcehttps://www.exploit-db.com/download/10229/
    titlePython < 2.5.2 Imageop Module - 'imageop.crop' Buffer Overflow Vulnerability

Nessus

  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-806-1.NASL
    descriptionIt was discovered that Python incorrectly handled certain arguments in the imageop module. If an attacker were able to pass specially crafted arguments through the crop function, they could execute arbitrary code with user privileges. For Python 2.5, this issue only affected Ubuntu 8.04 LTS. (CVE-2008-4864) Multiple integer overflows were discovered in Python
    last seen2020-06-01
    modified2020-06-02
    plugin id40361
    published2009-07-24
    reporterUbuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/40361
    titleUbuntu 6.06 LTS / 8.04 LTS / 8.10 : python2.4, python2.5 vulnerabilities (USN-806-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_PYTHON-081201.NASL
    descriptionInteger Overflows in the python imageop module potentially allowed attackers to execute arbitrary code (CVE-2008-4864).
    last seen2020-06-01
    modified2020-06-02
    plugin id40116
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/40116
    titleopenSUSE Security Update : python (python-360)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2009-1176.NASL
    descriptionUpdated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter
    last seen2020-06-01
    modified2020-06-02
    plugin id40400
    published2009-07-28
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/40400
    titleRHEL 5 : python (RHSA-2009:1176)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2009-1178.NASL
    descriptionUpdated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter
    last seen2020-06-01
    modified2020-06-02
    plugin id40402
    published2009-07-28
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/40402
    titleRHEL 3 : python (RHSA-2009:1178)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_PYTHON-5837.NASL
    descriptionInteger Overflows in the python imageop module and in the expandtabs method potentially allowed attackers to execute arbitrary code. (CVE-2008-4864 / CVE-2008-5031)
    last seen2020-06-01
    modified2020-06-02
    plugin id41581
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41581
    titleSuSE 10 Security Update : Python (ZYPP Patch Number 5837)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2009-1178.NASL
    descriptionUpdated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter
    last seen2020-06-01
    modified2020-06-02
    plugin id40394
    published2009-07-28
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/40394
    titleCentOS 3 : python (CESA-2009:1178)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2009-001.NASL
    descriptionThe remote host is running a version of Mac OS X 10.5 or 10.4 that does not have Security Update 2009-001 applied. This security update contains fixes for the following products : - AFP Server - Apple Pixlet Video - CarbonCore - CFNetwork - Certificate Assistant - ClamAV - CoreText - CUPS - DS Tools - fetchmail - Folder Manager - FSEvents - Network Time - perl - Printing - python - Remote Apple Events - Safari RSS - servermgrd - SMB - SquirrelMail - X11 - XTerm
    last seen2020-06-01
    modified2020-06-02
    plugin id35684
    published2009-02-13
    reporterThis script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/35684
    titleMac OS X Multiple Vulnerabilities (Security Update 2009-001)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2009-1176.NASL
    descriptionUpdated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter
    last seen2020-06-01
    modified2020-06-02
    plugin id43771
    published2010-01-06
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/43771
    titleCentOS 5 : python (CESA-2009:1176)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20090728_PYTHON_FOR_SL_3_0_X.NASL
    descriptionWhen the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter
    last seen2020-06-01
    modified2020-06-02
    plugin id60624
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60624
    titleScientific Linux Security Update : python for SL 3.0.x on i386/x86_64
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2009-003.NASL
    descriptionMultiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679. (CVE-2008-4864) Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. NOTE: this vulnerability reportedly exists because of an incomplete fix for CVE-2008-2315. (CVE-2008-5031) The updated Python packages have been patched to correct these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id36693
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/36693
    titleMandriva Linux Security Advisory : python (MDVSA-2009:003)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2009-1176.NASL
    descriptionFrom Red Hat Security Advisory 2009:1176 : Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter
    last seen2020-06-01
    modified2020-06-02
    plugin id67896
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67896
    titleOracle Linux 5 : python (ELSA-2009-1176)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20090727_PYTHON_FOR_SL5_X.NASL
    descriptionWhen the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter
    last seen2020-06-01
    modified2020-06-02
    plugin id60622
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60622
    titleScientific Linux Security Update : python for SL5.x i386/x86_64
  • NASL familySuSE Local Security Checks
    NASL idSUSE9_12316.NASL
    descriptionInteger overflows in the python imageop module and in the expandtabs method potentially allowed attackers to execute arbitrary code. (CVE-2008-4864, CVE-2008-5031)
    last seen2020-06-01
    modified2020-06-02
    plugin id41260
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41260
    titleSuSE9 Security Update : Python (YOU Patch Number 12316)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20090728_PYTHON_FOR_SL_4_X.NASL
    descriptionWhen the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter
    last seen2020-06-01
    modified2020-06-02
    plugin id60625
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60625
    titleScientific Linux Security Update : python for SL 4.x on i386/x86_64
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2009-1177.NASL
    descriptionUpdated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter
    last seen2020-06-01
    modified2020-06-02
    plugin id40401
    published2009-07-28
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/40401
    titleRHEL 4 : python (RHSA-2009:1177)
  • NASL familyVMware ESX Local Security Checks
    NASL idVMWARE_VMSA-2009-0016.NASL
    descriptiona. JRE Security Update JRE update to version 1.5.0_20, which addresses multiple security issues that existed in earlier releases of JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.5.0_18: CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103, CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, and CVE-2009-1107. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.5.0_20: CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2675, CVE-2009-2676, CVE-2009-2716, CVE-2009-2718, CVE-2009-2719, CVE-2009-2720, CVE-2009-2721, CVE-2009-2722, CVE-2009-2723, CVE-2009-2724. b. Update Apache Tomcat version Update for VirtualCenter and ESX patch update the Tomcat package to version 6.0.20 (vSphere 4.0) or version 5.5.28 (VirtualCenter 2.5) which addresses multiple security issues that existed in the previous version of Apache Tomcat. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.20 and Tomcat 5.5.28: CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, CVE-2009-0783. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.18: CVE-2008-1232, CVE-2008-1947, CVE-2008-2370. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.16: CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286, CVE-2008-0002. c. Third-party library update for ntp. The Network Time Protocol (NTP) is used to synchronize a computer
    last seen2020-06-01
    modified2020-06-02
    plugin id42870
    published2009-11-23
    reporterThis script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/42870
    titleVMSA-2009-0016 : VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2009-1177.NASL
    descriptionFrom Red Hat Security Advisory 2009:1177 : Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter
    last seen2020-06-01
    modified2020-06-02
    plugin id67897
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67897
    titleOracle Linux 4 : python (ELSA-2009-1177)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2009-1178.NASL
    descriptionFrom Red Hat Security Advisory 2009:1178 : Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter
    last seen2020-06-01
    modified2020-06-02
    plugin id67898
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67898
    titleOracle Linux 3 : python (ELSA-2009-1178)
  • NASL familyMisc.
    NASL idVMWARE_VMSA-2009-0016_REMOTE.NASL
    descriptionThe remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in the following components : - Apache Geronimo - Apache Tomcat - Apache Xerces2 - cURL/libcURL - ISC BIND - Libxml2 - Linux kernel - Linux kernel 64-bit - Linux kernel Common Internet File System - Linux kernel eCryptfs - NTP - Python - Java Runtime Environment (JRE) - Java SE Development Kit (JDK) - Java SE Abstract Window Toolkit (AWT) - Java SE Plugin - Java SE Provider - Java SE Swing - Java SE Web Start
    last seen2020-06-01
    modified2020-06-02
    plugin id89117
    published2016-03-03
    reporterThis script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/89117
    titleVMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0016) (remote check)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_PYTHON-5848.NASL
    descriptionInteger Overflows in the python imageop module potentially allowed attackers to execute arbitrary code (CVE-2008-4864).
    last seen2020-06-01
    modified2020-06-02
    plugin id35332
    published2009-01-11
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/35332
    titleopenSUSE 10 Security Update : python (python-5848)

Oval

  • accepted2013-04-29T04:07:54.291-04:00
    classvulnerability
    contributors
    • nameAharon Chernin
      organizationSCAP.com, LLC
    • nameDragos Prisaca
      organizationG2, Inc.
    definition_extensions
    • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
      ovaloval:org.mitre.oval:def:11782
    • commentCentOS Linux 3.x
      ovaloval:org.mitre.oval:def:16651
    • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
      ovaloval:org.mitre.oval:def:11831
    • commentCentOS Linux 4.x
      ovaloval:org.mitre.oval:def:16636
    • commentOracle Linux 4.x
      ovaloval:org.mitre.oval:def:15990
    • commentThe operating system installed on the system is Red Hat Enterprise Linux 5
      ovaloval:org.mitre.oval:def:11414
    • commentThe operating system installed on the system is CentOS Linux 5.x
      ovaloval:org.mitre.oval:def:15802
    • commentOracle Linux 5.x
      ovaloval:org.mitre.oval:def:15459
    descriptionMultiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679.
    familyunix
    idoval:org.mitre.oval:def:10702
    statusaccepted
    submitted2010-07-09T03:56:16-04:00
    titleMultiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679.
    version27
  • accepted2014-01-20T04:01:38.702-05:00
    classvulnerability
    contributors
    • namePai Peng
      organizationHewlett-Packard
    • nameChris Coffin
      organizationThe MITRE Corporation
    definition_extensions
    • commentVMWare ESX Server 3.0.3 is installed
      ovaloval:org.mitre.oval:def:6026
    • commentVMware ESX Server 3.5.0 is installed
      ovaloval:org.mitre.oval:def:5887
    • commentVMware ESX Server 4.0 is installed
      ovaloval:org.mitre.oval:def:6293
    descriptionMultiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679.
    familyunix
    idoval:org.mitre.oval:def:8354
    statusaccepted
    submitted2010-03-19T16:57:59.000-04:00
    titleVMware python multiple integer overflows vulnerability in the imageop module
    version7

Redhat

rpms
  • python-0:2.4.3-24.el5_3.6
  • python-debuginfo-0:2.4.3-24.el5_3.6
  • python-devel-0:2.4.3-24.el5_3.6
  • python-tools-0:2.4.3-24.el5_3.6
  • tkinter-0:2.4.3-24.el5_3.6
  • python-0:2.3.4-14.7.el4_8.2
  • python-debuginfo-0:2.3.4-14.7.el4_8.2
  • python-devel-0:2.3.4-14.7.el4_8.2
  • python-docs-0:2.3.4-14.7.el4_8.2
  • python-tools-0:2.3.4-14.7.el4_8.2
  • tkinter-0:2.3.4-14.7.el4_8.2
  • python-0:2.2.3-6.11
  • python-debuginfo-0:2.2.3-6.11
  • python-devel-0:2.2.3-6.11
  • python-tools-0:2.2.3-6.11
  • tkinter-0:2.2.3-6.11

Seebug

  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:18331
    last seen2017-11-19
    modified2009-11-24
    published2009-11-24
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-18331
    titlePython &lt; 2.5.2 Imageop Module 'imageop.crop()' Buffer Overflow Vulnerability
  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:67092
    last seen2017-11-19
    modified2014-07-01
    published2014-07-01
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-67092
    titlePython < 2.5.2 Imageop Module - 'imageop.crop()' Buffer Overflow Vulnerability

References