Juniper Networks

Signature Detail

Short Name: HTTP:MISC:PYTHON-IMGOP-OF
Severity: High
Recommended: No
Recommended Action: Drop
Category: HTTP
Keywords: Python ImageOP Module Multiple Integer Overflow
Release Date: 2012/12/02
Update Number: 2207
Supported Platforms: idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Python ImageOP Module Multiple Integer Overflow


This signature detects attempts to exploit a known vulnerability in Python versions 2.5.1 and earlier. A successful attack can lead to an integer overflow and arbitrary remote code execution within the context of the affected application.

Extended Description

Python's imageop module is prone to multiple integer-overflow vulnerabilities because it fails to properly bounds-check user-supplied input to ensure that integer operations do not overflow. To successfully exploit these issues, an attacker must be able to control the arguments to imageop functions. Remote attackers may be able to do this, depending on the nature of applications that use the vulnerable functions. Attackers would likely submit invalid or specially crafted images to applications that perform imageop operations on the data. A successful exploit may allow attacker-supplied machine code to run in the context of affected applications, facilitating the remote compromise of computers.

Affected Products

  • Apple Mac OS X 10.4.0
  • Apple Mac OS X 10.4.1
  • Apple Mac OS X 10.4.10
  • Apple Mac OS X 10.4.11
  • Apple Mac OS X 10.4.2
  • Apple Mac OS X 10.4.3
  • Apple Mac OS X 10.4.4
  • Apple Mac OS X 10.4.5
  • Apple Mac OS X 10.4.6
  • Apple Mac OS X 10.4.7
  • Apple Mac OS X 10.4.8
  • Apple Mac OS X 10.4.9
  • Apple Mac OS X 10.5
  • Apple Mac OS X 10.5.1
  • Apple Mac OS X 10.5.2
  • Apple Mac OS X 10.5.3
  • Apple Mac OS X 10.5.4
  • Apple Mac OS X 10.5.5
  • Apple Mac OS X 10.5.6
  • Apple Mac OS X Server 10.4.11
  • Apple Mac OS X Server 10.5.1
  • Avaya CMS Server 15.0
  • Avaya CMS Server 16.0
  • Avaya Interactive Response 3.0
  • Avaya Interactive Response 4.0
  • Debian Linux 4.0
  • Debian Linux 4.0 Alpha
  • Debian Linux 4.0 Amd64
  • Debian Linux 4.0 Arm
  • Debian Linux 4.0 Hppa
  • Debian Linux 4.0 Ia-32
  • Debian Linux 4.0 Ia-64
  • Debian Linux 4.0 M68k
  • Debian Linux 4.0 Mips
  • Debian Linux 4.0 Mipsel
  • Debian Linux 4.0 Powerpc
  • Debian Linux 4.0 S/390
  • Debian Linux 4.0 Sparc
  • Foresight Linux 1.1
  • Gentoo Linux
  • Mandriva Corporate Server 3.0.0
  • Mandriva Corporate Server 3.0.0 X86 64
  • Mandriva Corporate Server 4.0
  • Mandriva Corporate Server 4.0.0 X86 64
  • Mandriva Linux Mandrake 2007.0
  • Mandriva Linux Mandrake 2007.0 X86 64
  • Mandriva Linux Mandrake 2007.1
  • Mandriva Linux Mandrake 2007.1 X86 64
  • Mandriva Linux Mandrake 2008.0
  • Mandriva Linux Mandrake 2008.0 X86 64
  • Mandriva Linux Mandrake 2008.1
  • Mandriva Linux Mandrake 2008.1 X86 64
  • Mandriva Multi Network Firewall 2.0.0
  • Python Software Foundation Python 1.5.2
  • Python Software Foundation Python 1.6.0
  • Python Software Foundation Python 1.6.1
  • Python Software Foundation Python 2.0.0
  • Python Software Foundation Python 2.0.1
  • Python Software Foundation Python 2.1.0
  • Python Software Foundation Python 2.1.1
  • Python Software Foundation Python 2.1.2
  • Python Software Foundation Python 2.1.3
  • Python Software Foundation Python 2.2.0
  • Python Software Foundation Python 2.2.1
  • Python Software Foundation Python 2.2.2
  • Python Software Foundation Python 2.2.3
  • Python Software Foundation Python 2.3.0
  • Python Software Foundation Python 2.3.1
  • Python Software Foundation Python 2.3.2
  • Python Software Foundation Python 2.3.3
  • Python Software Foundation Python 2.3.4
  • Python Software Foundation Python 2.3.5
  • Python Software Foundation Python 2.3.6
  • Python Software Foundation Python 2.4.0
  • Python Software Foundation Python 2.4.1
  • Python Software Foundation Python 2.4.2
  • Python Software Foundation Python 2.4.3
  • Python Software Foundation Python 2.4.4
  • Python Software Foundation Python 2.5
  • Python Software Foundation Python 2.5.1
  • Red Hat Desktop 3.0.0
  • Red Hat Desktop 4.0.0
  • Red Hat Enterprise Linux 5 Server
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux AS 4.5.Z
  • Red Hat Enterprise Linux AS 4.6.Z
  • Red Hat Enterprise Linux Desktop 5 Client
  • Red Hat Enterprise Linux Desktop Workstation 5 Client
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux ES 4.5.Z
  • Red Hat Enterprise Linux ES 4.6.Z
  • Red Hat Enterprise Linux WS 3
  • Red Hat Enterprise Linux WS 4
  • Red Hat Fedora Core 7
  • Red Hat Network Satellite (for RHEL 3) 4.2
  • Red Hat Network Satellite (for RHEL 4) 4.2
  • Red Hat Network Satellite (for RHEL 4) 5.1
  • Red Hat Red Hat Network Satellite Server 4.2
  • Red Hat Red Hat Network Satellite Server 5.0.0
  • rPath Appliance Platform Linux Service 1
  • rPath rPath Linux 1
  • Sun OpenSolaris Build Snv 01
  • Sun OpenSolaris Build Snv 02
  • Sun OpenSolaris Build Snv 100
  • Sun OpenSolaris Build Snv 101
  • Sun OpenSolaris Build Snv 101A
  • Sun OpenSolaris Build Snv 102
  • Sun OpenSolaris Build Snv 103
  • Sun OpenSolaris Build Snv 104
  • Sun OpenSolaris Build Snv 105
  • Sun OpenSolaris Build Snv 106
  • Sun OpenSolaris Build Snv 107
  • Sun OpenSolaris Build Snv 108
  • Sun OpenSolaris Build Snv 109
  • Sun OpenSolaris Build Snv 110
  • Sun OpenSolaris Build Snv 111
  • Sun OpenSolaris Build Snv 111A
  • Sun OpenSolaris Build Snv 112
  • Sun OpenSolaris Build Snv 113
  • Sun OpenSolaris Build Snv 114
  • Sun OpenSolaris Build Snv 115
  • Sun OpenSolaris Build Snv 116
  • Sun OpenSolaris Build Snv 117
  • Sun OpenSolaris Build Snv 118
  • Sun OpenSolaris Build Snv 119
  • Sun OpenSolaris Build Snv 120
  • Sun OpenSolaris Build Snv 13
  • Sun OpenSolaris Build Snv 19
  • Sun OpenSolaris Build Snv 22
  • Sun OpenSolaris Build Snv 28
  • Sun OpenSolaris Build Snv 29
  • Sun OpenSolaris Build Snv 36
  • Sun OpenSolaris Build Snv 37
  • Sun OpenSolaris Build Snv 38
  • Sun OpenSolaris Build Snv 39
  • Sun OpenSolaris Build Snv 41
  • Sun OpenSolaris Build Snv 45
  • Sun OpenSolaris Build Snv 47
  • Sun OpenSolaris Build Snv 48
  • Sun OpenSolaris Build Snv 49
  • Sun OpenSolaris Build Snv 50
  • Sun OpenSolaris Build Snv 51
  • Sun OpenSolaris Build Snv 54
  • Sun OpenSolaris Build Snv 57
  • Sun OpenSolaris Build Snv 58
  • Sun OpenSolaris Build Snv 59
  • Sun OpenSolaris Build Snv 61
  • Sun OpenSolaris Build Snv 64
  • Sun OpenSolaris Build Snv 67
  • Sun OpenSolaris Build Snv 68
  • Sun OpenSolaris Build Snv 76
  • Sun OpenSolaris Build Snv 77
  • Sun OpenSolaris Build Snv 78
  • Sun OpenSolaris Build Snv 80
  • Sun OpenSolaris Build Snv 81
  • Sun OpenSolaris Build Snv 82
  • Sun OpenSolaris Build Snv 83
  • Sun OpenSolaris Build Snv 84
  • Sun OpenSolaris Build Snv 85
  • Sun OpenSolaris Build Snv 86
  • Sun OpenSolaris Build Snv 87
  • Sun OpenSolaris Build Snv 88
  • Sun OpenSolaris Build Snv 89
  • Sun OpenSolaris Build Snv 90
  • Sun OpenSolaris Build Snv 91
  • Sun OpenSolaris Build Snv 92
  • Sun OpenSolaris Build Snv 93
  • Sun OpenSolaris Build Snv 94
  • Sun OpenSolaris Build Snv 95
  • Sun OpenSolaris Build Snv 96
  • Sun OpenSolaris Build Snv 98
  • Sun OpenSolaris Build Snv 99
  • Sun Solaris 10 Sparc
  • Sun Solaris 10 X86
  • SuSE Linux 10.0 Ppc
  • SuSE Linux 10.0 X86
  • SuSE Linux 10.0 X86-64
  • SuSE Linux 10.1 Ppc
  • SuSE Linux 10.1 X86
  • SuSE Linux 10.1 X86-64
  • SuSE Linux Desktop 10
  • SuSE Linux Desktop 1.0.0
  • SuSE Linux Personal 10.2
  • SuSE Linux Personal 10.2 X86 64
  • SuSE Linux Professional 10.2
  • SuSE Linux Professional 10.2 X86 64
  • SuSE Novell Linux Desktop 9.0.0
  • SuSE Novell Linux Desktop SDK 9.0.0
  • SuSE Novell Linux POS 9
  • SuSE Open-Enterprise-Server
  • SuSE openSUSE 10.2
  • SuSE openSUSE 10.3
  • SuSE openSUSE 11.0
  • SuSE SUSE Linux Enterprise 10 SP1 DEBUGINFO
  • SuSE SUSE Linux Enterprise 10 SP2 DEBUGINFO
  • SuSE SUSE Linux Enterprise Desktop 10
  • SuSE SUSE Linux Enterprise Desktop 10 SP1
  • SuSE SUSE Linux Enterprise Desktop 10 SP2
  • SuSE SUSE Linux Enterprise SDK 10
  • SuSE SUSE Linux Enterprise SDK 10 SP1
  • SuSE SUSE Linux Enterprise Server 10
  • SuSE SUSE Linux Enterprise Server 10 SP1
  • SuSE SUSE Linux Enterprise Server 10 SP2
  • SuSE SUSE Linux Enterprise Server 8
  • SuSE SUSE Linux Enterprise Server 9
  • SuSE SUSE Linux Enterprise Server 9 SP3
  • SuSE SUSE Linux Enterprise Server SDK 9
  • SuSE SuSE Linux Openexchange Server 4.0.0
  • SuSE SUSE LINUX Retail Solution 8.0.0
  • SuSE SuSE Linux School Server for i386
  • SuSE SuSE Linux Standard Server 8.0.0
  • SuSE UnitedLinux 1.0.0
  • Ubuntu Ubuntu Linux 6.06 LTS Amd64
  • Ubuntu Ubuntu Linux 6.06 LTS I386
  • Ubuntu Ubuntu Linux 6.06 LTS Powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Sparc
  • Ubuntu Ubuntu Linux 6.10 Amd64
  • Ubuntu Ubuntu Linux 6.10 I386
  • Ubuntu Ubuntu Linux 6.10 Powerpc
  • Ubuntu Ubuntu Linux 6.10 Sparc
  • Ubuntu Ubuntu Linux 7.04 Amd64
  • Ubuntu Ubuntu Linux 7.04 I386
  • Ubuntu Ubuntu Linux 7.04 Powerpc
  • Ubuntu Ubuntu Linux 7.04 Sparc
  • Ubuntu Ubuntu Linux 7.10 Amd64
  • Ubuntu Ubuntu Linux 7.10 I386
  • Ubuntu Ubuntu Linux 7.10 Powerpc
  • Ubuntu Ubuntu Linux 7.10 Sparc
  • VMWare ESX Server 2.5.4 Patch 15
  • VMWare ESX Server 2.5.5
  • VMWare ESX Server 2.5.5 Patch 4
  • VMWare ESX Server 3.0.0
  • VMWare ESX Server 3.0.1
  • VMWare ESX Server 3.0.2
  • VMWare ESX Server 3.0.3
  • VMWare ESX Server 3.5
  • VMWare ESX Server 4.0
  • VMWare vMA 4.0

References

  • BugTraq: 25696
  • CVE: CVE-2007-4965

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.