CVE-2010-1449 — Integer Overflow or Wraparound in Python

CWE-190 — Integer Overflow or Wraparound5 documents5 sources

Severity

7.5HIGHNVD

EPSS

3.8%

top 11.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Python Debian Python2.7

Timeline

PublishedMay 27

Latest updateMay 2

Description

Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-3143.12.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDpython/python2.5.0

▶debiandebian/python2.7

Patches

Patch: bugzilla.redhat.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-5737-j7gj-9mpw: Integer overflow in rgbimgmodule↗2022-05-02

▶

📋Vendor Advisories

Red Hat

python: rgbimg: multiple security issues↗2010-05-10

▶

Debian

CVE-2010-1449: python2.7 - Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows rem...↗2010

▶

💬Community

Bugzilla

CVE-2009-4134 CVE-2010-1449 CVE-2010-1450 python: rgbimg: multiple security issues↗2009-11-26

▶