Launchpad.net

CVE 2007-4965

Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) the tovideo method, and unspecified other vectors related to (2) imageop.c, (3) rbgimgmodule.c, and other files, which trigger heap-based buffer overflows.

Related bugs and status

CVE-2007-4965 (Candidate) is related to these bugs:

Bug #163845: [python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS

		In	Importance	Status
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.5 (Ubuntu)	Undecided	Fix Released
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.4 (Ubuntu)	Undecided	Fix Released
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.3 (Baltix)	Undecided	Invalid
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.3 (Ubuntu)	Undecided	Invalid
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.2 (Ubuntu)	Undecided	Invalid
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.2 (Ubuntu Dapper)	Undecided	Won't Fix
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.3 (Ubuntu Dapper)	Undecided	Won't Fix
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.4 (Ubuntu Dapper)	Undecided	Fix Released
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.5 (Ubuntu Dapper)	Undecided	Invalid
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.2 (Ubuntu Edgy)	Undecided	Invalid
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.3 (Ubuntu Edgy)	Undecided	Invalid
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.4 (Ubuntu Edgy)	Undecided	Fix Released
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.5 (Ubuntu Edgy)	Undecided	Fix Released
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.2 (Ubuntu Feisty)	Undecided	Invalid
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.3 (Ubuntu Feisty)	Undecided	Invalid
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.4 (Ubuntu Feisty)	Undecided	Fix Released
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.5 (Ubuntu Feisty)	Undecided	Fix Released
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.2 (Ubuntu Gutsy)	Undecided	Invalid
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.3 (Ubuntu Gutsy)	Undecided	Invalid
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.4 (Ubuntu Gutsy)	Undecided	Fix Released
163845	[python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS	python2.5 (Ubuntu Gutsy)	Undecided	Fix Released

Bug #172874: Please fix python2.5.desktop file

Summary				In	Importance	Status
	172874	Please fix python2.5.desktop file		python2.5 (Ubuntu)	Wishlist	Fix Released

Bug #174786: python2.5-doc does not update info dir properly

Summary				In	Importance	Status
	174786	python2.5-doc does not update info dir properly		python2.5 (Ubuntu)	Undecided	Fix Released

Bug #177722: re.match.func_code.co_filename returns "re.py"

Summary				In	Importance	Status
	177722	re.match.func_code.co_filename returns "re.py"		python2.5 (Ubuntu)	Undecided	Fix Released

Bug #223196: [CVE-2008-1679, CVE-2008-1721] Python 2.5 vulnerabilities

		In	Importance	Status
223196	[CVE-2008-1679, CVE-2008-1721] Python 2.5 vulnerabilities	python2.5 (Ubuntu)	Undecided	Fix Released
223196	[CVE-2008-1679, CVE-2008-1721] Python 2.5 vulnerabilities	python2.5 (Ubuntu Feisty)	Undecided	New
223196	[CVE-2008-1679, CVE-2008-1721] Python 2.5 vulnerabilities	python2.5 (Ubuntu Gutsy)	Undecided	New

Bug #258635: No support for ml_IN locale

Summary				In	Importance	Status
	258635	No support for ml_IN locale		python2.5 (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

FULLDISC: 20070916 python <= 2.5...
BID: 25696
SECUNIA: 26837
FEDORA: FEDORA-2007-2663
SECUNIA: 27460
CONFIRM: http://bugs.gentoo.org...
GENTOO: GLSA-200711-07
SECUNIA: 27562
CONFIRM: https://issues.rpath.c...
SECUNIA: 27872
REDHAT: RHSA-2007:1076
CONFIRM: http://docs.info.apple...
APPLE: APPLE-SA-2007-12-17
CERT: TA07-352A
SECUNIA: 28136
MANDRIVA: MDVSA-2008:012
MANDRIVA: MDVSA-2008:013
SECUNIA: 28480
SUSE: SUSE-SR:2008:003
SECUNIA: 28838
CONFIRM: http://wiki.rpath.com/...
MLIST: [Security-announce] 20...
SECUNIA: 29032
UBUNTU: USN-585-1
SECUNIA: 29303
DEBIAN: DSA-1551
SECUNIA: 29889
DEBIAN: DSA-1620
SECUNIA: 31255
REDHAT: RHSA-2008:0629
SECUNIA: 31492
APPLE: APPLE-SA-2009-02-12
SECUNIA: 33937
CONFIRM: http://support.apple.c...
CONFIRM: http://www.vmware.com/...
SECUNIA: 37471
VUPEN: ADV-2009-3316
CONFIRM: http://support.avaya.c...
SECUNIA: 38675
VUPEN: ADV-2007-3201
VUPEN: ADV-2007-4238
VUPEN: ADV-2008-0637
XF: python-imageop-bo(36653)
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20080212 FLEA-2008-000...
BUGTRAQ: 20080221 VMSA-2008-000...
BUGTRAQ: 20091120 VMSA-2009-001...