CVE - CVE-2010-1450

CVE-ID
CVE-2010-1450	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:40365 URL:http://www.securityfocus.com/bid/40365 MISC:42888 URL:http://secunia.com/advisories/42888 MISC:43068 URL:http://secunia.com/advisories/43068 MISC:43364 URL:http://secunia.com/advisories/43364 MISC:ADV-2011-0122 URL:http://www.vupen.com/english/advisories/2011/0122 MISC:ADV-2011-0212 URL:http://www.vupen.com/english/advisories/2011/0212 MISC:ADV-2011-0413 URL:http://www.vupen.com/english/advisories/2011/0413 MISC:APPLE-SA-2010-11-10-1 URL:http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html MISC:MDVSA-2010:215 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:215 MISC:RHSA-2011:0027 URL:http://www.redhat.com/support/errata/RHSA-2011-0027.html MISC:RHSA-2011:0260 URL:http://www.redhat.com/support/errata/RHSA-2011-0260.html MISC:SUSE-SR:2011:002 URL:http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html MISC:http://bugs.python.org/issue8678 URL:http://bugs.python.org/issue8678 MISC:http://support.apple.com/kb/HT4435 URL:http://support.apple.com/kb/HT4435 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=541698 URL:https://bugzilla.redhat.com/show_bug.cgi?id=541698
Assigning CNA
Red Hat, Inc.
Date Record Created
20100415	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20100415)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is a record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Site Map | Terms of Use | Privacy Policy | Contact Us | Follow CVE

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2023, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.