CVE ID:	CVE-2008-4864
Description:	Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679.
Test IDs:	1.3.6.1.4.1.25623.1.0.800052
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4864 Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search) http://www.securityfocus.com/archive/1/archive/1/507985/100/0/threaded http://www.openwall.com/lists/oss-security/2008/10/27/2 http://www.openwall.com/lists/oss-security/2008/10/29/3 http://scary.beasts.org/security/CESA-2008-008.html http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html BugTraq ID: 31976 http://www.securityfocus.com/bid/31976 BugTraq ID: 31932 http://www.securityfocus.com/bid/31932 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10702 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8354 http://secunia.com/advisories/33937 http://secunia.com/advisories/37471 http://www.vupen.com/english/advisories/2009/3316 XForce ISS Database: python-image-module-bo(46606) http://xforce.iss.net/xforce/xfdb/46606

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: