This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
Multiple integer overflows in imageop.c in the imageop module in
Python 1.5.2 through 2.5.1 allow context-dependent attackers to break
out of the Python VM and execute arbitrary code via large integer
values in certain arguments to the crop function, leading to a buffer
overflow, a different vulnerability than CVE-2007-4965 and
Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6,
allow context-dependent attackers to have an unknown impact via a
large integer value in the tabsize argument to the expandtabs method,
as implemented by (1) the string_expandtabs function in
Objects/stringobject.c and (2) the unicode_expandtabs function in
Objects/unicodeobject.c. NOTE: this vulnerability reportedly exists
because of an incomplete fix for CVE-2008-2315. (CVE-2008-5031)
The updated Python packages have been patched to correct these issues.
Update the affected packages.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.8
Public Exploit Available : true