Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1721

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-1721
Last Modified 07 Mar 2011 10:07:31
Published 10 Apr 2008 03:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1721

Summary

Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.

Vulnerable Systems

Application

  • Python Software Foundation Python 2.5.2


References

XF - zlib-pystringfromstringandsize-bo(41748)

VUPEN - ADV-2009-3316

VUPEN - ADV-2008-1229

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2009-0016.html

UBUNTU - USN-632-1

BID - 28715

BUGTRAQ - 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components

BUGTRAQ - 20080409 IOActive Security Advisory: Buffer overflow in Python zlib extension module

DEBIAN - DSA-1620

CONFIRM - http://support.avaya.com/css/P8/documents/100074697

CONFIRM - http://support.apple.com/kb/HT3438

SLACKWARE - SSA:2008-217-01

GENTOO - GLSA-200807-01

SECUNIA - 38675

SECUNIA - 37471

SECUNIA - 33937

SECUNIA - 31365

SECUNIA - 31358

SECUNIA - 31255

SECUNIA - 30872

APPLE - APPLE-SA-2009-02-12

CONFIRM - http://bugs.python.org/issue2586

CONFIRM - https://issues.rpath.com/browse/RPL-2444

SECTRACK - 1019823

MANDRIVA - MDVSA-2008:085

DEBIAN - DSA-1551

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0149

SREASON - 3802

SECUNIA - 29955

SECUNIA - 29889

Related Patches

Apple 2009-02-12 Security Update 2009-001 Server (Tiger PPC)

Apple 2009-02-12 Security Update 2009-001 (Tiger PPC)

Apple 2009-02-12 Security Update 2009-001 Server (Tiger Intel)

Apple 2009-02-12 Security Update 2009-001 (Tiger Intel)


Last Updated: 27 May 2016 10:47:38