CVE - CVE-2010-1450

CVE-ID
CVE-2010-1450	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:40365 URL:http://www.securityfocus.com/bid/40365 MISC:42888 URL:http://secunia.com/advisories/42888 MISC:43068 URL:http://secunia.com/advisories/43068 MISC:43364 URL:http://secunia.com/advisories/43364 MISC:ADV-2011-0122 URL:~~http://www.vupen.com/english/advisories/2011/0122~~ (Obsolete source) MISC:ADV-2011-0212 URL:~~http://www.vupen.com/english/advisories/2011/0212~~ (Obsolete source) MISC:ADV-2011-0413 URL:~~http://www.vupen.com/english/advisories/2011/0413~~ (Obsolete source) MISC:APPLE-SA-2010-11-10-1 URL:http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html MISC:MDVSA-2010:215 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2010:215~~ (Obsolete source) MISC:RHSA-2011:0027 URL:http://www.redhat.com/support/errata/RHSA-2011-0027.html MISC:RHSA-2011:0260 URL:http://www.redhat.com/support/errata/RHSA-2011-0260.html MISC:SUSE-SR:2011:002 URL:http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html MISC:http://bugs.python.org/issue8678 URL:http://bugs.python.org/issue8678 MISC:http://support.apple.com/kb/HT4435 URL:http://support.apple.com/kb/HT4435 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=541698 URL:https://bugzilla.redhat.com/show_bug.cgi?id=541698
Assigning CNA
Red Hat, Inc.
Date Record Created
20100415	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20100415)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)