CVE-2008-1721 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-1721
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-1721

Description: Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/41748 UBUNTU http://www.ubuntu.com/usn/usn-632-1 ST 1019823 SREASON http://securityreason.com/securityalert/3802 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.525289 SAID Secunia Advisory: SA31365 Secunia Advisory: SA33937 Secunia Advisory: SA31358 Secunia Advisory: SA31255 Secunia Advisory: SA30872 Secunia Advisory: SA29955 Secunia Advisory: SA29889 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:085 GENTOO http://security.gentoo.org/glsa/glsa-200807-01.xml DEBIAN http://www.debian.org/security/2008/dsa-1620 http://www.debian.org/security/2008/dsa-1551 CONFIRM http://support.apple.com/kb/HT3438 http://bugs.python.org/issue2586 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0149 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/490690/100/0/threaded BID 28715 APPLE http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html

Return to the previous page.