ID CVE-2009-4134
Summary Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service (application crash) via a large ZSIZE value in a black-and-white (aka B/W) RGB image that triggers an invalid pointer dereference.
References
Vulnerable Configurations
  • cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 18-02-2020 - 19:28)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
Vector: NETWORK
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
redhat via4
advisories
  • rhsa
    id RHSA-2011:0027
  • rhsa
    id RHSA-2011:0260
rpms
  • python-0:2.4.3-43.el5
  • python-debuginfo-0:2.4.3-43.el5
  • python-devel-0:2.4.3-43.el5
  • python-libs-0:2.4.3-43.el5
  • python-tools-0:2.4.3-43.el5
  • tkinter-0:2.4.3-43.el5
  • python-0:2.3.4-14.9.el4
  • python-debuginfo-0:2.3.4-14.9.el4
  • python-devel-0:2.3.4-14.9.el4
  • python-docs-0:2.3.4-14.9.el4
  • python-tools-0:2.3.4-14.9.el4
  • tkinter-0:2.3.4-14.9.el4
refmap via4
apple APPLE-SA-2010-11-10-1
bid 40361
confirm
mandriva MDVSA-2010:215
secunia
  • 42888
  • 43068
  • 43364
suse SUSE-SR:2011:002
vupen
  • ADV-2011-0122
  • ADV-2011-0212
  • ADV-2011-0413
Last major update 18-02-2020 - 19:28
Published 27-05-2010 - 19:30
Last modified 18-02-2020 - 19:28