Your submission was sent successfully! Close

CVE-2010-1450

Published: 27 May 2010

Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function.

Priority

Low

Status

Package Release Status
python2.4
Launchpad, Ubuntu, Debian
dapper Ignored
(reached end-of-life)
hardy Not vulnerable
(2.4.5-1ubuntu4.3)
jaunty Ignored
(reached end-of-life)
karmic Ignored
(reached end-of-life)
lucid Does not exist

maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

upstream
Released (2.4.4-7)
python2.5
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Not vulnerable
(2.5.2-2ubuntu6.1)
jaunty Ignored
(reached end-of-life)
karmic Ignored
(reached end-of-life)
lucid Does not exist

maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

upstream
Released (2.5.1-6)

Notes

AuthorNote
jdstrand
per upstream, python2.6 not affected
fix for CVE-2007-4965 also fixed the rgbimg module. This CVE was
assigned after the fact.

References