Python: buffer overflows, DoS, Race Condition vulnerabilities

Users of python please be advised of a buffer overflows, DoS, Race Condition vulnerabilities that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

MDVSA-2010:215: [MDVSA-2010:215] python buffer overflows, DoS, Race Condition
Problem Description:

Multiple vulnerabilities was discovered and corrected in python:

Buffer underflow in the rgbimg module in Python 2.5 allows remote
attackers to cause a denial of service (application crash) via a large
ZSIZE value in a black-and-white (aka B/W) RGB image that triggers
an invalid pointer dereference (CVE-2009-4134).

Integer overflow in rgbimgmodule.c in the rgbimg module in Python
2.5 allows remote attackers to have an unspecified impact via a large
image that triggers a buffer overflow. NOTE: this vulnerability exists
because of an incomplete fix for CVE-2008-3143.12 (CVE-2010-1449).
Read more at http://www.criticalwatch.com
 

Advertisements