Matt Giuca noticed a possibility of a buffer overflow, present in the Python JSON encoder/decoder, when encoding wide Unicode characters on UTF-32/UCS-4. A remote attacker could create a specially-crafted Python script, which, once launched by a local, unsuspecting user, could lead to denial of service (crash of the application using the Python JSON encoder/decoder).

References:
[1] https://bugs.launchpad.net/ubuntu/+source/python-cjson/+bug/585274

Public PoC (from [1]):
[2] cjson.encode(u'\U0001D11E\U0001D11E\U0001D11E\U0001D11E\u1234\u1234\u1234\u1234\u1234\u1234')

Patch applied by Ubuntu:
[3] https://launchpad.net/ubuntu/hardy/+source/python-cjson/1.0.5-1ubuntu0.8.04.1/+files/python-cjson_1.0.5-1ubuntu0.8.04.1.diff.gz
Created attachment 429108
And local copy of Ubuntu patch
This issue affects the versions of the python-cjson package, as shipped with Fedora releases 12 and 13.

This issue affects the versions of the python-cjson package, as present within the EPEL-5 repository.

Please fix.
Created python-cjson tracking bugs for this issue

Affects: fedora-all [bug 610881]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.