Main Vulnerability Database SB2007110701

SB2007110701 - Gentoo update for Python

Published: November 7, 2007 Updated: June 28, 2025

Security Bulletin ID SB2007110701

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Integer overflow (CVE-ID: CVE-2007-4965)

The vulnerability allows a remote non-authenticated attacker to read memory contents or crash the application.

Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) the tovideo method, and unspecified other vectors related to (2) imageop.c, (3) rbgimgmodule.c, and other files, which trigger heap-based buffer overflows.

Remediation

Install update from vendor's website.

References

https://security.gentoo.org/glsa/200711-07