CVE-2008-1679

Publication date 22 April 2008

Last updated 24 July 2024

Ubuntu priority

Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
python2.4	8.04 LTS hardy	Not affected
	7.10 gutsy	Fixed 2.4.4-6ubuntu4.2
	7.04 feisty	Fixed 2.4.4-2ubuntu7.2
	6.06 LTS dapper	Fixed 2.4.3-0ubuntu6.2
python2.5	8.04 LTS hardy	Not affected
	7.10 gutsy	Fixed 2.5.1-5ubuntu5.2
	7.04 feisty	Fixed 2.5.1-0ubuntu1.2
	6.06 LTS dapper	Not in release

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
python2.4	Vendor: http://www.debian.org/security/2008/dsa-1551

CVE-2008-1679

Status

Patch details

References

Related Ubuntu Security Notices (USN)

Other references