7.5
CVE-2010-1450
- EPSS 3.85%
- Veröffentlicht 27.05.2010 19:30:01
- Zuletzt bearbeitet 16.06.2026 23:18:24
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.85% | 0.888 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://secunia.com/advisories/43068
http://www.vupen.com/english/advisories/2011/0212
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
http://support.apple.com/kb/HT4435
http://secunia.com/advisories/42888
http://www.redhat.com/support/errata/RHSA-2011-0027.html
http://www.vupen.com/english/advisories/2011/0122
http://bugs.python.org/issue8678
http://secunia.com/advisories/43364
http://www.mandriva.com/security/advisories?name=MDVSA-2010:215
http://www.redhat.com/support/errata/RHSA-2011-0260.html
http://www.vupen.com/english/advisories/2011/0413
https://bugzilla.redhat.com/show_bug.cgi?id=541698
http://www.securityfocus.com/bid/40365