CVE-2008-1721
Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.
Date published : 2008-04-10
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html