Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function.
bugs.python.org/issue8678
lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
secunia.com/advisories/42888
secunia.com/advisories/43068
secunia.com/advisories/43364
support.apple.com/kb/HT4435
www.mandriva.com/security/advisories?name=MDVSA-2010:215
www.redhat.com/support/errata/RHSA-2011-0027.html
www.redhat.com/support/errata/RHSA-2011-0260.html
www.securityfocus.com/bid/40365
www.vupen.com/english/advisories/2011/0122
www.vupen.com/english/advisories/2011/0212
www.vupen.com/english/advisories/2011/0413
bugzilla.redhat.com/show_bug.cgi?id=541698