CVE-2007-4965 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2007-4965 Interim 1 5 2023-12-09T02:13:05Z current 2021-05-30T12:40:09Z 2023-12-09T02:13:05Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2007-4965 Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) the tovideo method, and unspecified other vectors related to (2) imageop.c, (3) rbgimgmodule.c, and other files, which trigger heap-based buffer overflows. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QNE2M4ZXYYOGZ45WSMXUUX2KAOGCQB63/#QNE2M4ZXYYOGZ45WSMXUUX2KAOGCQB63 E-Mail link for SUSE-SR:2008:003 https://www.suse.com/support/security/rating/ SUSE Security Ratings Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) the tovideo method, and unspecified other vectors related to (2) imageop.c, (3) rbgimgmodule.c, and other files, which trigger heap-based buffer overflows. CVE-2007-4965 moderate 5.8 AV:N/AC:M/Au:N/C:P/I:N/A:P