Description
Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679.
Remediation
References
Related Vulnerabilities
Claroline Other Vulnerability (CVE-2006-2284)
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.28)
WordPress 3.9.x Cross-Site Request Forgery (3.9 - 3.9.26)
Oracle Database Server Deserialization of Untrusted Data Vulnerability (CVE-2018-14719)
WordPress Plugin Zip Attachments Arbitrary File Download (1.4)