#VU110167 Integer overflow in Python - CVE-2007-4965
Published: August 2, 2023 / Updated: June 3, 2025
Python
Python.org
Description
The vulnerability allows a remote non-authenticated attacker to read memory contents or crash the application.
Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) the tovideo method, and unspecified other vectors related to (2) imageop.c, (3) rgbimgmodule.c, and other files, which trigger heap-based buffer overflows.
Remediation
External links
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065826.html
- http://www.securityfocus.com/bid/25696
- http://bugs.gentoo.org/show_bug.cgi?id=192876
- https://issues.rpath.com/browse/RPL-1885
- https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00378.html
- http://www.gentoo.org/security/en/glsa/glsa-200711-07.xml
- http://www.redhat.com/support/errata/RHSA-2007-1076.html
- http://secunia.com/advisories/26837
- http://secunia.com/advisories/27460
- http://secunia.com/advisories/27562
- http://secunia.com/advisories/27872
- http://docs.info.apple.com/article.html?artnum=307179
- http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
- http://www.us-cert.gov/cas/techalerts/TA07-352A.html
- http://secunia.com/advisories/28136
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:012
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:013
- http://secunia.com/advisories/28480
- http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html
- http://secunia.com/advisories/28838
- http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0254
- http://lists.vmware.com/pipermail/security-announce/2008/000005.html
- http://secunia.com/advisories/29032
- http://www.ubuntu.com/usn/usn-585-1
- http://secunia.com/advisories/29303
- http://www.debian.org/security/2008/dsa-1551
- http://secunia.com/advisories/29889
- http://www.debian.org/security/2008/dsa-1620
- http://secunia.com/advisories/31255
- http://secunia.com/advisories/31492
- http://www.redhat.com/support/errata/RHSA-2008-0629.html
- http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
- http://secunia.com/advisories/33937
- http://support.apple.com/kb/HT3438
- http://www.vmware.com/security/advisories/VMSA-2009-0016.html
- http://www.vupen.com/english/advisories/2009/3316
- http://secunia.com/advisories/37471
- http://support.avaya.com/css/P8/documents/100074697
- http://secunia.com/advisories/38675
- http://www.vupen.com/english/advisories/2007/4238
- http://www.vupen.com/english/advisories/2008/0637
- http://www.vupen.com/english/advisories/2007/3201
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36653
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8496
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8486
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10804
- http://www.securityfocus.com/archive/1/507985/100/0/threaded
- http://www.securityfocus.com/archive/1/488457/100/0/threaded
- http://www.securityfocus.com/archive/1/487990/100/0/threaded