Home Corporate Website Jobs Mailing Lists RSS Blog New entry Advertise
	Software Inspectors   Scan Online   Personal (PSI)   Network (NSI 2.0)   - NEW - Solutions For   Security Professionals   Security Vendors Free Solutions For   Open Communities   Journalists & Media Secunia Advisories   Search   Historic Advisories   Listed By Product   Listed By Vendor   Statistics / Graphs   Secunia Research   Report Vulnerability   About Advisories Virus Information   Chronological List   Last 10 Virus Alerts   About Virus Information Secunia Customers   Customer Area CVE Reference: CVE-2007-4965 NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. Original Page at CVE MITRE: CVE-2007-4965 Description: Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) the tovideo method, and unspecified other vectors related to (2) imageop.c, (3) rbgimgmodule.c, and other files, which trigger heap-based buffer overflows. CVE Status: Candidate References: XF   http://xforce.iss.net/xforce/xfdb/36653 UBUNTU   http://www.ubuntu.com/usn/usn-585-1 SUSE   http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html SAID   Secunia Advisory: SA26837   Secunia Advisory: SA27460   Secunia Advisory: SA27562   Secunia Advisory: SA27872   Secunia Advisory: SA28136   Secunia Advisory: SA28480   Secunia Advisory: SA28838   Secunia Advisory: SA29032   Secunia Advisory: SA29303   Secunia Advisory: SA29889 REDHAT   http://www.redhat.com/support/errata/RHSA-2007-1076.html MLIST   http://lists.vmware.com/pipermail/security-announce/2008/000005.html MANDRIVA   http://www.mandriva.com/security/advisories?name=MDVSA-2008:013   http://www.mandriva.com/security/advisories?name=MDVSA-2008:012 GENTOO   http://www.gentoo.org/security/en/glsa/glsa-200711-07.xml FULLDISC   http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065826.html FEDORA DEBIAN   http://www.debian.org/security/2008/dsa-1551 CONFIRM   http://docs.info.apple.com/article.html?artnum=307179   http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0254   http://bugs.gentoo.org/show_bug.cgi?id=192876 CERT   http://www.us-cert.gov/cas/techalerts/TA07-352A.html BUGTRAQ   http://www.securityfocus.com/archive/1/archive/1/488457/100/0/threaded   http://www.securityfocus.com/archive/1/archive/1/487990/100/0/threaded BID   25696 APPLE   http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html Return to the previous page. Secunia PSI Scan | Patch | Track Free Download Secunia Poll Do you think it's important to read Setup/User Guides for applications for use within your network? Yes, I do it all the time Yes, but I do it rarely No See Results    Most Popular Advisories 1. Debian OpenSSL Predictable Random Number Generator and Update 2. Microsoft Word Two Code Execution Vulnerabilities 3. Microsoft Malware Protection Engine File Parsing Denial of Service 4. Ubuntu update for openssl 5. Microsoft Publisher Object Handler Validation Vulnerability 6. Microsoft Windows XP I2O Utility Filter Driver Privilege Escalation 7. Novell Client Login Long Username/Contex t Buffer Overflow 8. Citrix Access Gateway Unspecified Authentication Bypass 9. Build A Niche Store "q" Cross-Site Scripting 10. cPanel Cross-Site Scripting and Request Forgery Vulnerabilities
Vulnerability Management - Terms & Conditions - Copyright 2002-2008 Secunia - Compliance - Contact Secunia