Python Imageop Module Imageop.crop() BOF Vulnerability (Win) Network Vulnerability

Summary

This host has Python installed and is prone to buffer overflow vulnerability.

Impact

Remote exploitation will allow execution of arbitrary code via large number of integer values to crop module, which leads to a buffer overflow (Segmentation fault). Impact Level: Application

Solution

Upgrade to Python 2.5.2 http://www.python.org/

Insight

The flaw exists due the the way module imageop.crop() handles the arguments as input in imageop.c file.

Affected

Python 1.5.2 to 2.5.1 on Windows

Severity

Classification

CVE CVE-2008-4864
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Alleycode HTML Editor Buffer Overflow Vulnerabilities
ChaSen Buffer Overflow Vulnerability (Linux)
Adobe Reader 'File Extension' Buffer Overflow Vulnerability (Windows)
Amarok Player Multiple Vulnerabilities
ClamAV 'find_stream_bounds()' function Buffer Overflow Vulnerability

Python Imageop Module imageop.crop() BOF Vulnerability (Win)

Take action and discover your vulnerabilities