CVE-2010-1449

Name	CVE-2010-1449
Description	Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-3143.12.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs	603162

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
python2.7 (PTS)	bullseye	2.7.18-8+deb11u1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Debian Bugs
python2.4	source	(unstable)	(unfixed)	low
python2.5	source	(unstable)	2.5.5-11	low	603162
python2.6	source	(unstable)	(not affected)
python2.7	source	(unstable)	(not affected)
python3.1	source	(unstable)	(not affected)

Notes

- python3.1 <not-affected> (rgbimgmodule no longer included in source)
- python2.7 <not-affected> (rgbimgmodule no longer included in source)
- python2.6 <not-affected> (rgbimgmodule no longer included in source)
[lenny] - python2.5 <no-dsa> (Minor issue)
[lenny] - python2.4 <no-dsa> (Minor issue)