
CVE-2010-1450

Published: 27 May 2010

Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function.

Priority

Low

Status

| Package | Release | Status |
|---|---|---|
| python2.4 | Upstream | Released (2.4.4-7) |
| python2.5 | Upstream | Released (2.5.1-6) |

Patches:
Upstream: http://hg.python.org/cpython/rev/f49d9314d439/

Notes

Author: jdstrand
Note:
per upstream, python2.6 not affected
fix for CVE-2007-4965 also fixed the rgbimg module. This CVE was assigned after the fact.
