Rapid7 Vulnerability & Exploit Database

ELSA-2011-0260 Low: Oracle Linux python security and bug fix update

Back to Search

ELSA-2011-0260 Low: Oracle Linux python security and bug fix update

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
05/27/2010
Created
07/25/2018
Added
12/20/2011
Modified
07/04/2017

Description

Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function.

Solution(s)

  • oracle-linux-upgrade-python
  • oracle-linux-upgrade-python-devel
  • oracle-linux-upgrade-python-docs
  • oracle-linux-upgrade-python-tools
  • oracle-linux-upgrade-tkinter

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;