CVE-2008-4864

Python 1.5.2-2.5.1 - Integer Overflow in imageop.c crop Function

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-4864. PoCs published by Chris Evans.

AI-analyzed exploit summary The PoC demonstrates a buffer overflow vulnerability in Python's 'imageop' module by passing malformed parameters to the 'crop' function, which can lead to arbitrary code execution or denial-of-service conditions.

Description

Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Chris Evans · textdosmultiple
https://www.exploit-db.com/exploits/10229

The PoC demonstrates a buffer overflow vulnerability in Python's 'imageop' module by passing malformed parameters to the 'crop' function, which can lead to arbitrary code execution or denial-of-service conditions.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Python versions prior to 2.5.2
No auth needed
Prerequisites: Python environment with vulnerable 'imageop' module
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Chris Evans · pythondosunix
https://www.exploit-db.com/exploits/32534

This exploit triggers a buffer overflow in Python's 'imageop' module by passing malformed parameters to the 'crop' function. The vulnerability allows arbitrary code execution in the context of the application using the module.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Python versions prior to 2.5.2-r6
No auth needed
Prerequisites: Python environment with vulnerable 'imageop' module
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (17)

Core 17
Core References
Not Applicable third-party-advisory x_refsource_secunia
http://secunia.com/advisories/33937
Exploit, Third Party Advisory x_refsource_misc
http://scary.beasts.org/security/CESA-2008-008.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/46606
Not Applicable third-party-advisory x_refsource_secunia
http://secunia.com/advisories/37471
Third Party Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Third Party Advisory x_refsource_confirm
http://support.apple.com/kb/HT3438
Mailing List, Third Party Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
Permissions Required x_refsource_confirm
http://svn.python.org/view?rev=66689&view=rev
Exploit, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/31976
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/31932
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/10/27/2
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/10/29/3
Permissions Required vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/3316

Scores

EPSS 0.2102
EPSS Percentile 97.3%

Details

CWE
CWE-190
Status published
Products (1)
python/python 1.5.2 - 2.4.6
Published Nov 01, 2008
Tracked Since Feb 18, 2026