CVE-2007-4965

N/A Unknown
Published: September 18, 2007 Modified: April 23, 2026

Description

Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) the tovideo method, and unspecified other vectors related to (2) imageop.c, (3) rgbimgmodule.c, and other files, which trigger heap-based buffer overflows.

References to Advisories, Solutions, and Tools

http://bugs.gentoo.org/show_bug.cgi?id=192876
Source: cve@mitre.org
Third Party Advisory
http://docs.info.apple.com/article.html?artnum=307179
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/26837
Source: cve@mitre.org
Broken Link
http://secunia.com/advisories/27460
Source: cve@mitre.org
Broken Link
http://secunia.com/advisories/27562
Source: cve@mitre.org
Broken Link
http://secunia.com/advisories/27872
Source: cve@mitre.org
Broken Link
http://secunia.com/advisories/28136
Source: cve@mitre.org
Broken Link
http://secunia.com/advisories/28480
Source: cve@mitre.org
Broken Link
http://secunia.com/advisories/28838
Source: cve@mitre.org
Broken Link
http://secunia.com/advisories/29032
Source: cve@mitre.org
Broken Link
http://secunia.com/advisories/29303
Source: cve@mitre.org
Broken Link
http://secunia.com/advisories/29889
Source: cve@mitre.org
Broken Link
http://secunia.com/advisories/31255
Source: cve@mitre.org
Broken Link
http://secunia.com/advisories/31492
Source: cve@mitre.org
Broken Link
http://secunia.com/advisories/33937
Source: cve@mitre.org
Broken Link
http://secunia.com/advisories/37471
Source: cve@mitre.org
Broken Link
http://secunia.com/advisories/38675
Source: cve@mitre.org
Broken Link
http://support.apple.com/kb/HT3438
Source: cve@mitre.org
Third Party Advisory
http://support.avaya.com/css/P8/documents/100074697
Source: cve@mitre.org
Third Party Advisory
http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0254
Source: cve@mitre.org
Third Party Advisory
http://www.debian.org/security/2008/dsa-1551
Source: cve@mitre.org
Third Party Advisory
http://www.debian.org/security/2008/dsa-1620
Source: cve@mitre.org
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200711-07.xml
Source: cve@mitre.org
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-1076.html
Source: cve@mitre.org
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0629.html
Source: cve@mitre.org
Third Party Advisory
http://www.securityfocus.com/archive/1/487990/100/0/threaded
Source: cve@mitre.org
Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/488457/100/0/threaded
Source: cve@mitre.org
Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Source: cve@mitre.org
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/25696
Source: cve@mitre.org
Exploit Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-585-1
Source: cve@mitre.org
Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
Source: cve@mitre.org
Third Party Advisory US Government Resource
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Source: cve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2007/3201
Source: cve@mitre.org
Broken Link
http://www.vupen.com/english/advisories/2007/4238
Source: cve@mitre.org
Broken Link
http://www.vupen.com/english/advisories/2008/0637
Source: cve@mitre.org
Broken Link
http://www.vupen.com/english/advisories/2009/3316
Source: cve@mitre.org
Broken Link
https://issues.rpath.com/browse/RPL-1885
Source: cve@mitre.org
Third Party Advisory
http://bugs.gentoo.org/show_bug.cgi?id=192876
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://docs.info.apple.com/article.html?artnum=307179
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065826.html
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.vmware.com/pipermail/security-announce/2008/000005.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/26837
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/27460
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/27562
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/27872
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/28136
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/28480
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/28838
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/29032
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/29303
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/29889
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/31255
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/31492
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/33937
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/37471
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/38675
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://support.apple.com/kb/HT3438
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://support.avaya.com/css/P8/documents/100074697
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0254
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2008/dsa-1551
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2008/dsa-1620
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200711-07.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:012
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2008:013
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.redhat.com/support/errata/RHSA-2007-1076.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0629.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/archive/1/487990/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/488457/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/25696
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-585-1
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory US Government Resource
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2007/3201
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.vupen.com/english/advisories/2007/4238
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.vupen.com/english/advisories/2008/0637
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.vupen.com/english/advisories/2009/3316
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/36653
Source: af854a3a-2127-422b-91ae-364da2661108
VDB Entry
https://issues.rpath.com/browse/RPL-1885
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00378.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

98 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
12.5%
96th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

Affected Vendors

python