| Snyk

Threat Intelligence

1.52% (87^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk IDSNYK-DEBIAN10-PYTHON27-605728
published19 Aug 2020
disclosed27 May 2010

Report a new vulnerability Found a mistake?

Introduced: 27 May 2010

CVE-2010-1449 (opens in a new tab) CWE-190 (opens in a new tab)

Amendment

The Debian security team deemed this advisory irrelevant for Debian:10.

NVD Description

Note: Versions mentioned in the description apply only to the upstream python2.7 package and not the python2.7 package as distributed by Debian.

Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-3143.12.

References

https://security-tracker.debian.org/tracker/CVE-2010-1449
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
http://www.securityfocus.com/bid/40363
http://bugs.python.org/issue8678
https://bugzilla.redhat.com/show_bug.cgi?id=541698
http://support.apple.com/kb/HT4435
http://www.mandriva.com/security/advisories?name=MDVSA-2010:215
http://www.redhat.com/support/errata/RHSA-2011-0027.html
http://www.redhat.com/support/errata/RHSA-2011-0260.html
http://secunia.com/advisories/42888
http://secunia.com/advisories/43068
http://secunia.com/advisories/43364
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://www.vupen.com/english/advisories/2011/0122
http://www.vupen.com/english/advisories/2011/0212
http://www.vupen.com/english/advisories/2011/0413