DSA-1551 python2.4 -- several vulnerabilitiesID: oval:org.mitre.oval:def:8152 | Date: (C)2009-12-15 (M)2024-04-17 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in the interpreter for the Python language. The Common Vulnerabilities and Exposures project identifies the following problems: Piotr Engelking discovered that the strxfrm() function of the locale module miscalculates the length of an internal buffer, which may result in a minor information disclosure. It was discovered that several integer overflows in the imageop module may lead to the execution of arbitrary code, if a user is tricked into processing malformed images. This issue is also tracked as CVE-2008-1679 due to an initially incomplete patch. Justin Ferguson discovered that a buffer overflow in the zlib module may lead to the execution of arbitrary code. Justin Ferguson discovered that insufficient input validation in PyString_FromStringAndSize() may lead to the execution of arbitrary code.