[email protected]NVD:CVE-2009-4134

HistoryMay 27, 2010 - 7:30 p.m.

CVE-2009-4134

2010-05-2719:30:01

CWE-787

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

High

0.041 Low

EPSS

Percentile

92.2%

JSON

Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service (application crash) via a large ZSIZE value in a black-and-white (aka B/W) RGB image that triggers an invalid pointer dereference.

Affected configurations

NVD

Node

pythonpythonMatch2.5.0

References

bugs.python.org/issue8678

lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

secunia.com/advisories/42888

secunia.com/advisories/43068

secunia.com/advisories/43364

support.apple.com/kb/HT4435

www.mandriva.com/security/advisories?name=MDVSA-2010:215

www.redhat.com/support/errata/RHSA-2011-0027.html

www.redhat.com/support/errata/RHSA-2011-0260.html

www.securityfocus.com/bid/40361

www.vupen.com/english/advisories/2011/0122

www.vupen.com/english/advisories/2011/0212

www.vupen.com/english/advisories/2011/0413

bugzilla.redhat.com/show_bug.cgi?id=541698

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

High

0.041 Low

EPSS

Percentile

92.2%

JSON

Related for NVD:CVE-2009-4134

prion1 veracode1 cve1 cvelist1 debiancve1 ubuntucve1 nessus11 redhat2 oraclelinux2 openvas9 securityvulns1