CVE-2010-1450
Published: 27 May 2010
Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function.
Notes
| Author | Note |
|---|---|
| jdstrand | per upstream, python2.6 not affected fix for CVE-2007-4965 also fixed the rgbimg module. This CVE was assigned after the fact. |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
python2.4 Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
| hardy |
Not vulnerable
(2.4.5-1ubuntu4.3)
|
|
| jaunty |
Ignored
(end of life)
|
|
| karmic |
Ignored
(end of life)
|
|
| lucid |
Does not exist
|
|
| maverick |
Does not exist
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| upstream |
Released
(2.4.4-7)
|
|
|
python2.5 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Not vulnerable
(2.5.2-2ubuntu6.1)
|
|
| jaunty |
Ignored
(end of life)
|
|
| karmic |
Ignored
(end of life)
|
|
| lucid |
Does not exist
|
|
| maverick |
Does not exist
|
|
| natty |
Does not exist
|
|
| oneiric |
Does not exist
|
|
| precise |
Does not exist
|
|
| upstream |
Released
(2.5.1-6)
|
|
|
Patches: upstream: http://hg.python.org/cpython/rev/f49d9314d439/ |
||