CVE-2010-1449

Published: 27 May 2010

Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-3143.12.

Priority

Low

Status

Package                                  Release     Status
python2.4 (Launchpad, Ubuntu, Debian)    Upstream    Released (2.4.4-7)
python2.5 (Launchpad, Ubuntu, Debian)    Upstream    Released (2.5.1-6)
Patches:
Upstream: http://hg.python.org/cpython/rev/f49d9314d439/

Notes

Author: jdstrand
Note:
per upstream, python2.6 not affected
fix for CVE-2007-4965 also fixed the rgbimg module. This CVE was assigned after the fact.
