Short Name | HTTP:MISC:PYTHON-IMGOP-OF |
---|---|
Severity | High |
Recommended | No |
Recommended Action | Drop |
Category | HTTP |
Keywords | Python ImageOP Module Multiple Integer Overflow |
Release Date | 2012/12/02 |
Update Number | 2207 |
Supported Platforms | idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |

This signature detects attempts to exploit a known vulnerability in Python version 2.5.1 and earlier. A successful attack can lead to an integer overflow and arbitrary remote code execution within the context of the affected application.
Python's imageop module is prone to multiple integer-overflow vulnerabilities because it fails to properly bounds-check user-supplied input to ensure that integer operations do not overflow. To successfully exploit these issues, an attacker must be able to control the arguments to imageop functions. Remote attackers may be able to do this, depending on the nature of applications that use the vulnerable functions. Attackers would likely submit invalid or specially crafted images to applications that perform imageop operations on the data. A successful exploit may allow attacker-supplied machine code to run in the context of affected applications, facilitating the remote compromise of computers.