Description
Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) the tovideo method, and unspecified other vectors related to (2) imageop.c, (3) rgbimgmodule.c, and other files, which trigger heap-based buffer overflows.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Slythers Bro · pythondosmultiple
https://www.exploit-db.com/exploits/30592
References (49)
Core References
Third Party Advisory mailing-list
x_refsource_mlist
http://lists.vmware.com/pipermail/security-announce/2008/000005.html
Exploit, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25696
Third Party Advisory x_refsource_confirm
http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0254
Broken Link vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/4238
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/38675
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
Broken Link vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8496
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/33937
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28136
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/37471
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27460
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28480
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26837
Broken Link vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3201
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2008/dsa-1551
Third Party Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29303
Broken Link vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8486
Third Party Advisory x_refsource_confirm
http://support.apple.com/kb/HT3438
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27872
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29032
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/31492
Third Party Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00378.html
Broken Link vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10804
Third Party Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0629.html
Exploit mailing-list
x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065826.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/488457/100/0/threaded
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
Third Party Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-1076.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Broken Link vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0637
VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36653
Third Party Advisory x_refsource_confirm
http://bugs.gentoo.org/show_bug.cgi?id=192876
Third Party Advisory x_refsource_confirm
http://docs.info.apple.com/article.html?artnum=307179
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27562
Third Party Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-585-1
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200711-07.xml
Broken Link vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2008:012
Third Party Advisory x_refsource_confirm
http://support.avaya.com/css/P8/documents/100074697
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/31255
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/487990/100/0/threaded
Broken Link vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2008:013
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2008/dsa-1620
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28838
Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html
Third Party Advisory x_refsource_confirm
https://issues.rpath.com/browse/RPL-1885
Broken Link vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/3316
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29889
Scores
EPSS: 0.0484
EPSS Percentile: 89.6%
Details
CWE: CWE-190
Status: published
Products (1): python/python < 2.5.1
Published: Sep 18, 2007
Tracked Since: Feb 18, 2026