Canonical: >> Ubuntu Linux >> 8.04 Security Vulnerabilities
Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow.
CVSS Score
9.3
EPSS Score
0.031
Published
2008-04-18
Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.
CVSS Score
7.5
EPSS Score
0.347
Published
2008-04-10
Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.106
Published
2008-01-12
Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.
CVSS Score
7.5
EPSS Score
0.023
Published
2007-12-20
Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences.
CVSS Score
6.8
EPSS Score
0.018
Published
2007-11-02
Page 25