CVE-2010-1450 Information

Description

Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function.

Reference

http://bugs.python.org/issue8678 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/42888 http://secunia.com/advisories/43068 http://secunia.com/advisories/43364 http://support.apple.com/kb/HT4435 http://www.mandriva.com/security/advisories?name=MDVSA-2010:215 http://www.redhat.com/support/errata/RHSA-2011-0027.html http://www.redhat.com/support/errata/RHSA-2011-0260.html http://www.securityfocus.com/bid/40365 http://www.vupen.com/english/advisories/2011/0122 http://www.vupen.com/english/advisories/2011/0212 http://www.vupen.com/english/advisories/2011/0413 https://bugzilla.redhat.com/show_bug.cgi?id=541698