{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2023 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2010-1450","title":"Title"},{"category":"description","text":"Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2010-1450","url":"https://www.suse.com/security/cve/CVE-2010-1450"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 603255 for CVE-2010-1450","url":"https://bugzilla.suse.com/603255"},{"category":"external","summary":"SUSE Bug 666027 for CVE-2010-1450","url":"https://bugzilla.suse.com/666027"},{"category":"external","summary":"Advisory link for SUSE-SR:2011:002","url":"https://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"}],"title":"SUSE CVE CVE-2010-1450","tracking":{"current_release_date":"2023-02-15T05:59:32Z","generator":{"date":"2023-02-15T05:59:32Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2010-1450","initial_release_date":"2023-02-15T05:59:32Z","revision_history":[{"date":"2023-02-15T05:59:32Z","number":"2","summary":"Current version"}],"status":"interim","version":"2"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 12 SP4","product":{"name":"SUSE Linux Enterprise High Performance Computing 12 SP4","product_id":"SUSE Linux Enterprise High Performance Computing 12 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-hpc:12:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 11 SP1 for Teradata","product":{"name":"SUSE Linux Enterprise Server 11 SP1 for Teradata","product_id":"SUSE Linux Enterprise Server 11 SP1 for Teradata","product_identification_helper":{"cpe":"cpe:/o:suse:suse_sles_teradata:11:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 11 SP3 for Teradata","product":{"name":"SUSE Linux Enterprise Server 11 SP3 for Teradata","product_id":"SUSE Linux Enterprise Server 11 SP3 for Teradata","product_identification_helper":{"cpe":"cpe:/o:suse:suse_sles_teradata:11:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP4","product":{"name":"SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sles:12:sp4"}}},{"category":"product_version","name":"python","product":{"name":"python","product_id":"python","product_identification_helper":{"cpe":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"}}},{"category":"product_version","name":"python-32bit","product":{"name":"python-32bit","product_id":"python-32bit"}},{"category":"product_version","name":"python-curses","product":{"name":"python-curses","product_id":"python-curses"}},{"category":"product_version","name":"python-demo","product":{"name":"python-demo","product_id":"python-demo"}},{"category":"product_version","name":"python-gdbm","product":{"name":"python-gdbm","product_id":"python-gdbm"}},{"category":"product_version","name":"python-idle","product":{"name":"python-idle","product_id":"python-idle"}},{"category":"product_version","name":"python-tk","product":{"name":"python-tk","product_id":"python-tk"}},{"category":"product_version","name":"python27","product":{"name":"python27","product_id":"python27","product_identification_helper":{"cpe":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"python as component of SUSE Linux Enterprise High Performance Computing 12 SP4","product_id":"SUSE Linux Enterprise High Performance Computing 12 SP4:python"},"product_reference":"python","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"python27 as component of SUSE Linux Enterprise Server 11 SP1 for Teradata","product_id":"SUSE Linux Enterprise Server 11 SP1 for Teradata:python27"},"product_reference":"python27","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP1 for Teradata"},{"category":"default_component_of","full_product_name":{"name":"python27 as component of SUSE Linux Enterprise Server 11 SP3 for Teradata","product_id":"SUSE Linux Enterprise Server 11 SP3 for Teradata:python27"},"product_reference":"python27","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP3 for Teradata"},{"category":"default_component_of","full_product_name":{"name":"python as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:python"},"product_reference":"python","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"python-32bit as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:python-32bit"},"product_reference":"python-32bit","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"python-curses as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:python-curses"},"product_reference":"python-curses","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"python-demo as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:python-demo"},"product_reference":"python-demo","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"python-gdbm as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:python-gdbm"},"product_reference":"python-gdbm","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"python-idle as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:python-idle"},"product_reference":"python-idle","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"python-tk as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:python-tk"},"product_reference":"python-tk","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"}]},"vulnerabilities":[{"cve":"CVE-2010-1450","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2010-1450"}],"notes":[{"category":"general","text":"Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function.","title":"Vulnerability description"}],"product_status":{"known affected":["SUSE Linux Enterprise High Performance Computing 12 SP4:python","SUSE Linux Enterprise Server 11 SP1 for Teradata:python27","SUSE Linux Enterprise Server 11 SP3 for Teradata:python27","SUSE Linux Enterprise Server 12 SP4:python","SUSE Linux Enterprise Server 12 SP4:python-32bit","SUSE Linux Enterprise Server 12 SP4:python-curses","SUSE Linux Enterprise Server 12 SP4:python-demo","SUSE Linux Enterprise Server 12 SP4:python-gdbm","SUSE Linux Enterprise Server 12 SP4:python-idle","SUSE Linux Enterprise Server 12 SP4:python-tk"]},"references":[{"category":"external","summary":"CVE-2010-1450","url":"https://www.suse.com/security/cve/CVE-2010-1450"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 603255 for CVE-2010-1450","url":"https://bugzilla.suse.com/603255"},{"category":"external","summary":"SUSE Bug 666027 for CVE-2010-1450","url":"https://bugzilla.suse.com/666027"},{"category":"external","summary":"Advisory link for SUSE-SR:2011:002","url":"https://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"}],"threats":[{"category":"impact","date":"2013-06-28T05:20:10Z","details":"important"}],"title":"CVE-2010-1450"}]}