Description

Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679.

Remediation

References

CVE-2008-4864

Related Vulnerabilities

WordPress Plugin Redux Framework Multiple Vulnerabilities (4.2.11)

MySQL CVE-2021-2340 Vulnerability (CVE-2021-2340)

WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Cross-Site Scripting (1.5.67)

WordPress Plugin Print Invoice & Delivery Notes for WooCommerce Cross-Site Scripting (4.7.1)

WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Multiple Cross-Site Scripting Vulnerabilities (1.8.4.2)

Severity

High

Classification

CVE-2008-4864 CWE-190

Tags

Missing Update Known Vulnerabilities