CVE-2016-2533
Published: 2016-04-13
Severity: medium, 6.5 (CVSS 3.0)
Vector: AV:N / AC:L / PR:N / UI:R / S:U / C:N / I:N / A:H
Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PhotoCD file.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | pillow | < pillow 3.1.1-1 (bookworm) | pillow 3.1.1-1 (bookworm) |
| python | pillow | <= 3.1.0 | — |
| python | pillow | >= 0 < 3.1.1-1 | 3.1.1-1 |
| python | pillow | >= 0 < 3.1.1-1 | 3.1.1-1 |
| python | pillow | >= 0 < 3.1.1-1 | 3.1.1-1 |
| python | pillow | >= 0 < 3.1.1-1 | 3.1.1-1 |
| python | pillow | >= 0 < 3.1.1 | 3.1.1 |
| python | pillow | >= 0 < 2.3.0-1ubuntu3.3 | 2.3.0-1ubuntu3.3 |
| python | pillow | >= 0 < 2.3.0-1ubuntu3.2 | 2.3.0-1ubuntu3.2 |
| python_imaging_project | python_imaging | <= 1.1.7 | — |
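CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 6.5 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
| osv | — | 6.5 | MEDIUM | — |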