Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Python Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2010-1450)

Description

Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function.

Remediation

References

Related Vulnerabilities

PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8393)

WordPress Plugin leenk.me Multiple Vulnerabilities (2.5.0)

WordPress Plugin Asgaros Forum Cross-Site Request Forgery (1.5.8)

WordPress Plugin Social Sharing-Sassy Social Share Cross-Site Scripting (3.3.25)

WordPress Plugin Giveaway Boost PHP Object Injection (2.1.2)

Severity

High

Classification

CVE-2010-1450 CWE-120

Tags

Missing Update Known Vulnerabilities