PT-2008-3227 · Python+1 · Python+1

David Remahl

Publicado

2008-04-21

Atualizado

2023-08-02

CVE-2008-1679

CVSS v2.0

6.8

Média

Vetor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Python versions prior to 2.5.3

Description The issue is caused by multiple integer overflows in imageop.c, which can be exploited by context-dependent attackers using crafted images to trigger heap-based buffer overflows. This could lead to a denial of service (crash) and possibly the execution of arbitrary code.

Recommendations For versions prior to 2.5.3, update to version 2.5.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of crafted images to minimize the risk of exploitation.

Correção

DoS

Integer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-190

Identificadores relacionados

CVE-2008-1679

DSA-1551-1

DSA-1620-1

PSF-2008-1

RHSA-2009:1177

RHSA-2009:1178

RHSA-2009_1177

Produtos afetados

Python

Red Hat

PT-2008-3227 · Python+1 · Python+1

CVE-2008-1679

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 53