Home > Vulnerability Database > CVE-2010-1450

Mend.io Vulnerability Database

CVE-2010-1450

Date: May 27, 2010

Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function.

Severity Score

7.3

Related Resources (21)

Url: http://www.redhat.com/support/errata/RHSA-2011-0260.html

Url: http://www.securityfocus.com/bid/40365

Url: http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2010:215

Url: https://bugs.python.org/issue1179

Url: http://seclists.org/fulldisclosure/2007/Sep/279

Url: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

Url: http://bugs.python.org/issue8678

Url: https://bugzilla.redhat.com/show_bug.cgi?id=541698

Url: https://access.redhat.com/security/cve/CVE-2010-1450

Url: http://secunia.com/advisories/43364

Url: http://secunia.com/advisories/43068

Url: http://www.vupen.com/english/advisories/2011/0413

Url: http://support.apple.com/kb/HT4435

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2010-1450

Url: http://secunia.com/advisories/42888

Url: http://www.vupen.com/english/advisories/2011/0212

Url: https://nvd.nist.gov/vuln/detail/CVE-2010-1450

Url: http://www.redhat.com/support/errata/RHSA-2011-0027.html

Url: http://www.vupen.com/english/advisories/2011/0122

Url: https://www.mend.io/vulnerability-database/CVE-2010-1450

Severity Score

7.3

Weakness Type (CWE)

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE-120

CVSS v3.1

Base Score:	7.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	7.5
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2010-1450

Date: May 27, 2010

Severity Score

Related Resources (21)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?