{"id": "DEBIAN:DSA-3499-1:2F6F6", "bulletinFamily": "unix", "title": "[SECURITY] [DSA 3499-1] pillow security update", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3499-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nFebruary 28, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : pillow\nCVE ID : CVE-2016-0740 CVE-2016-0775 CVE-2016-2533 \n\nMultiple security vulnerabilities have been found in Pillow, a Python\nimaging library, which may result in denial of service or the execution\nof arbitrary code if a malformed FLI, PCD or Tiff files is processed.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.1.7-4+deb7u2 of the python-imaging source package.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2.6.1-2+deb8u2.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 3.1.1-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.1.1-1.\n\nWe recommend that you upgrade your pillow packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "published": "2016-02-28T22:15:04", "modified": "2016-02-28T22:15:04", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00069.html", "reporter": "Debian", "references": [], "cvelist": ["CVE-2016-0775", "CVE-2016-0740", "CVE-2016-2533"], "type": "debian", "lastseen": "2020-08-12T01:02:10", "edition": 14, "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2016-0775", "CVE-2016-2533", "CVE-2016-0740"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310843724", "OPENVAS:1361412562310703499", "OPENVAS:703499", "OPENVAS:1361412562310131237", "OPENVAS:1361412562311220192226", "OPENVAS:1361412562311220192654", "OPENVAS:1361412562311220201244", "OPENVAS:1361412562310807244", "OPENVAS:1361412562310843735", "OPENVAS:1361412562310807294"]}, {"type": "nessus", "idList": ["UBUNTU_USN-3080-1.NASL", "FEDORA_2016-4D00DCA15A.NASL", "UBUNTU_USN-3090-1.NASL", "DEBIAN_DSA-3499.NASL", "GENTOO_GLSA-201612-52.NASL", "EULEROS_SA-2019-2226.NASL", "OPENSUSE-2016-339.NASL", "EULEROS_SA-2020-1244.NASL", "FEDORA_2016-4B06195979.NASL", "UBUNTU_USN-3090-2.NASL"]}, {"type": "ubuntu", "idList": ["USN-3090-2", "USN-3090-1", "USN-3080-1"]}, {"type": "fedora", "idList": ["FEDORA:3633D60617FF", "FEDORA:3877960A4EC9"]}, {"type": "gentoo", "idList": ["GLSA-201612-52"]}, {"type": "github", "idList": ["GHSA-8XJV-V9XQ-M5H9", "GHSA-HGGX-3H72-49WW", "GHSA-3C5C-7235-994J"]}, {"type": "freebsd", "idList": ["53252879-CF11-11E5-805C-5453ED2E2B49", "6EA60E00-CF13-11E5-805C-5453ED2E2B49"]}, {"type": "debian", "idList": ["DEBIAN:DLA-422-1:B38FE"]}, {"type": "threatpost", "idList": ["THREATPOST:0B65755405740D9B3D1D473DAFD22D2E"]}], "modified": "2020-08-12T01:02:10", "rev": 2}, "score": {"value": 6.4, "vector": "NONE", "modified": "2020-08-12T01:02:10", "rev": 2}, "vulnersScore": 6.4}, "affectedPackage": [{"OS": "Debian", "OSVersion": "8", "arch": "all", "operator": "lt", "packageFilename": "python-sane-dbg_2.6.1-2+deb8u2_all.deb", "packageName": "python-sane-dbg", "packageVersion": "2.6.1-2+deb8u2"}, {"OS": "Debian", "OSVersion": "8", "arch": "all", "operator": "lt", "packageFilename": "python-sane_2.6.1-2+deb8u2_all.deb", "packageName": "python-sane", "packageVersion": "2.6.1-2+deb8u2"}, {"OS": "Debian", "OSVersion": "8", "arch": "all", "operator": "lt", "packageFilename": "python-imaging_2.6.1-2+deb8u2_all.deb", "packageName": "python-imaging", "packageVersion": "2.6.1-2+deb8u2"}, {"OS": "Debian", "OSVersion": "8", "arch": "all", "operator": "lt", "packageFilename": "python3-sane-dbg_2.6.1-2+deb8u2_all.deb", "packageName": "python3-sane-dbg", "packageVersion": "2.6.1-2+deb8u2"}, {"OS": "Debian", "OSVersion": "8", "arch": "all", "operator": "lt", "packageFilename": "python3-pil-dbg_2.6.1-2+deb8u2_all.deb", "packageName": "python3-pil-dbg", "packageVersion": "2.6.1-2+deb8u2"}, {"OS": "Debian", "OSVersion": "8", "arch": "all", "operator": "lt", "packageFilename": "python-pil-dbg_2.6.1-2+deb8u2_all.deb", "packageName": "python-pil-dbg", "packageVersion": "2.6.1-2+deb8u2"}, {"OS": "Debian", "OSVersion": "8", "arch": "all", "operator": "lt", "packageFilename": "python3-sane_2.6.1-2+deb8u2_all.deb", "packageName": "python3-sane", "packageVersion": "2.6.1-2+deb8u2"}, {"OS": "Debian", "OSVersion": "8", "arch": "all", "operator": "lt", "packageFilename": "pillow_2.6.1-2+deb8u2_all.deb", "packageName": "pillow", "packageVersion": "2.6.1-2+deb8u2"}, {"OS": "Debian", "OSVersion": "8", "arch": "all", "operator": "lt", "packageFilename": "python3-pil.imagetk-dbg_2.6.1-2+deb8u2_all.deb", "packageName": "python3-pil.imagetk-dbg", "packageVersion": "2.6.1-2+deb8u2"}, {"OS": "Debian", "OSVersion": "8", "arch": "all", "operator": "lt", "packageFilename": "python-pil_2.6.1-2+deb8u2_all.deb", "packageName": "python-pil", "packageVersion": "2.6.1-2+deb8u2"}, {"OS": "Debian", "OSVersion": "8", "arch": "all", "operator": "lt", "packageFilename": "python-pil.imagetk-dbg_2.6.1-2+deb8u2_all.deb", "packageName": "python-pil.imagetk-dbg", "packageVersion": "2.6.1-2+deb8u2"}, {"OS": "Debian", "OSVersion": "8", "arch": "all", "operator": "lt", "packageFilename": "python3-pil.imagetk_2.6.1-2+deb8u2_all.deb", "packageName": "python3-pil.imagetk", "packageVersion": "2.6.1-2+deb8u2"}, {"OS": "Debian", "OSVersion": "8", "arch": "all", "operator": "lt", "packageFilename": "python-pil.imagetk_2.6.1-2+deb8u2_all.deb", "packageName": "python-pil.imagetk", "packageVersion": "2.6.1-2+deb8u2"}, {"OS": "Debian", "OSVersion": "8", "arch": "all", "operator": "lt", "packageFilename": "python3-pil_2.6.1-2+deb8u2_all.deb", "packageName": "python3-pil", "packageVersion": "2.6.1-2+deb8u2"}, {"OS": "Debian", "OSVersion": "8", "arch": "all", "operator": "lt", "packageFilename": "python-pil-doc_2.6.1-2+deb8u2_all.deb", "packageName": "python-pil-doc", "packageVersion": "2.6.1-2+deb8u2"}, {"OS": "Debian", "OSVersion": "8", "arch": "all", "operator": "lt", "packageFilename": "python-imaging-tk_2.6.1-2+deb8u2_all.deb", "packageName": "python-imaging-tk", "packageVersion": "2.6.1-2+deb8u2"}], "scheme": null}

{"cve": [{"lastseen": "2020-12-09T20:07:37", "description": "Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PhotoCD file.", "edition": 5, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-04-13T16:59:00", "title": "CVE-2016-2533", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2533"], "modified": "2017-07-01T01:29:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/a:python:pillow:3.1.0", "cpe:/o:debian:debian_linux:7.0", "cpe:/a:python_imaging_project:python_imaging:1.1.7"], "id": "CVE-2016-2533", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2533", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:python:pillow:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:python_imaging_project:python_imaging:1.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:07:32", "description": "Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file.", "edition": 5, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-04-13T16:59:00", "title": "CVE-2016-0740", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0740"], "modified": "2017-07-01T01:29:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/a:python:pillow:3.1.0", "cpe:/o:debian:debian_linux:7.0"], "id": "CVE-2016-0740", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0740", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:python:pillow:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:07:32", "description": "Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file.", "edition": 5, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-04-13T16:59:00", "title": "CVE-2016-0775", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0775"], "modified": "2017-07-01T01:29:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/a:python:pillow:3.1.0", "cpe:/o:debian:debian_linux:7.0"], "id": "CVE-2016-0775", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0775", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:python:pillow:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-05-29T18:35:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0775", "CVE-2016-0740", "CVE-2016-2533"], "description": "Multiple security vulnerabilities have been found in Pillow, a Python\nimaging library, which may result in denial of service or the execution\nof arbitrary code if a malformed FLI, PCD or Tiff files is processed.", "modified": "2019-03-18T00:00:00", "published": "2016-03-08T00:00:00", "id": "OPENVAS:1361412562310703499", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703499", "type": "openvas", "title": "Debian Security Advisory DSA 3499-1 (pillow - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3499.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3499-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703499\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2016-0740\", \"CVE-2016-0775\", \"CVE-2016-2533\");\n script_name(\"Debian Security Advisory DSA 3499-1 (pillow - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-08 12:38:01 +0530 (Tue, 08 Mar 2016)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3499.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(9|7|8)\");\n script_tag(name:\"affected\", value:\"pillow on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy), this problem has been fixed\nin version 1.1.7-4+deb7u2 of the python-imaging source package.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2.6.1-2+deb8u2.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 3.1.1-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.1.1-1.\n\nWe recommend that you upgrade your pillow packages.\");\n script_tag(name:\"summary\", value:\"Multiple security vulnerabilities have been found in Pillow, a Python\nimaging library, which may result in denial of service or the execution\nof arbitrary code if a malformed FLI, PCD or Tiff files is processed.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"python-imaging\", ver:\"3.1.1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-pil\", ver:\"3.1.1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-pil-dbg\", ver:\"3.1.1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-pil-doc\", ver:\"3.1.1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-pil.imagetk\", ver:\"3.1.1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-pil.imagetk-dbg\", ver:\"3.1.1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python3-pil\", ver:\"3.1.1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python3-pil-dbg\", ver:\"3.1.1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python3-pil.imagetk\", ver:\"3.1.1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python3-pil.imagetk-dbg\", ver:\"3.1.1-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-imaging\", ver:\"1.1.7-4+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-imaging-dbg\", ver:\"1.1.7-4+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-imaging-doc\", ver:\"1.1.7-4+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-imaging-sane\", ver:\"1.1.7-4+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-imaging-sane-dbg\", ver:\"1.1.7-4+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-imaging-tk\", ver:\"1.1.7-4+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-imaging-tk-dbg\", ver:\"1.1.7-4+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-imaging\", ver:\"2.6.1-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-imaging-tk\", ver:\"2.6.1-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-pil\", ver:\"2.6.1-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-pil-dbg\", ver:\"2.6.1-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-pil-doc\", ver:\"2.6.1-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-pil.imagetk\", ver:\"2.6.1-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-pil.imagetk-dbg\", ver:\"2.6.1-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-sane\", ver:\"2.6.1-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-sane-dbg\", ver:\"2.6.1-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python3-pil\", ver:\"2.6.1-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python3-pil-dbg\", ver:\"2.6.1-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python3-pil.imagetk\", ver:\"2.6.1-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python3-pil.imagetk-dbg\", ver:\"2.6.1-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python3-sane\", ver:\"2.6.1-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python3-sane-dbg\", ver:\"2.6.1-2+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2017-07-24T12:54:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0775", "CVE-2016-0740", "CVE-2016-2533"], "description": "Multiple security vulnerabilities have been found in Pillow, a Python\nimaging library, which may result in denial of service or the execution\nof arbitrary code if a malformed FLI, PCD or Tiff files is processed.", "modified": "2017-07-07T00:00:00", "published": "2016-03-08T00:00:00", "id": "OPENVAS:703499", "href": "http://plugins.openvas.org/nasl.php?oid=703499", "type": "openvas", "title": "Debian Security Advisory DSA 3499-1 (pillow - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3499.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3499-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703499);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-0740\", \"CVE-2016-0775\", \"CVE-2016-2533\");\n script_name(\"Debian Security Advisory DSA 3499-1 (pillow - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-08 12:38:01 +0530 (Tue, 08 Mar 2016)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3499.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"pillow on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy), this problem has been fixed\nin version 1.1.7-4+deb7u2 of the python-imaging source package.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2.6.1-2+deb8u2.\n\nFor the testing distribution (stretch), this problem has been fixed\nin version 3.1.1-1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.1.1-1.\n\nWe recommend that you upgrade your pillow packages.\");\n script_tag(name: \"summary\", value: \"Multiple security vulnerabilities have been found in Pillow, a Python\nimaging library, which may result in denial of service or the execution\nof arbitrary code if a malformed FLI, PCD or Tiff files is processed.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"python-imaging\", ver:\"3.1.1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-pil\", ver:\"3.1.1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-pil-dbg\", ver:\"3.1.1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-pil-doc\", ver:\"3.1.1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-pil.imagetk\", ver:\"3.1.1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-pil.imagetk-dbg\", ver:\"3.1.1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python3-pil\", ver:\"3.1.1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python3-pil-dbg\", ver:\"3.1.1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python3-pil.imagetk\", ver:\"3.1.1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python3-pil.imagetk-dbg\", ver:\"3.1.1-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-imaging\", ver:\"1.1.7-4+deb7u2\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-imaging-dbg\", ver:\"1.1.7-4+deb7u2\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-imaging-doc\", ver:\"1.1.7-4+deb7u2\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-imaging-sane\", ver:\"1.1.7-4+deb7u2\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-imaging-sane-dbg\", ver:\"1.1.7-4+deb7u2\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-imaging-tk\", ver:\"1.1.7-4+deb7u2\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-imaging-tk-dbg\", ver:\"1.1.7-4+deb7u2\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-imaging\", ver:\"2.6.1-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-imaging-tk\", ver:\"2.6.1-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-pil\", ver:\"2.6.1-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-pil-dbg\", ver:\"2.6.1-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-pil-doc\", ver:\"2.6.1-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-pil.imagetk\", ver:\"2.6.1-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-pil.imagetk-dbg\", ver:\"2.6.1-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-sane\", ver:\"2.6.1-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-sane-dbg\", ver:\"2.6.1-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python3-pil\", ver:\"2.6.1-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python3-pil-dbg\", ver:\"2.6.1-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python3-pil.imagetk\", ver:\"2.6.1-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python3-pil.imagetk-dbg\", ver:\"2.6.1-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python3-sane\", ver:\"2.6.1-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python3-sane-dbg\", ver:\"2.6.1-2+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-03-14T16:51:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0775", "CVE-2016-0740", "CVE-2016-2533", "CVE-2016-9189"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-03-13T00:00:00", "published": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562311220201244", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201244", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-1244)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1244\");\n script_version(\"2020-03-13T07:17:50+0000\");\n script_cve_id(\"CVE-2016-0740\", \"CVE-2016-0775\", \"CVE-2016-2533\", \"CVE-2016-9189\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 07:17:50 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-13 07:17:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2020-1244)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1244\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1244\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python-pillow' package(s) announced via the EulerOS-SA-2020-1244 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A memory disclosure vulnerability was found in python-pillow. Functions in map.c failed to check for image overflow and check that an offset parameter was within bounds, allowing a crafted image to cause a crash or disclosure of memory.(CVE-2016-9189)\n\n\nBuffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PhotoCD file.(CVE-2016-2533)\n\n\nBuffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file.(CVE-2016-0775)\n\n\nBuffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file.(CVE-2016-0740)\");\n\n script_tag(name:\"affected\", value:\"'python-pillow' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-pillow\", rpm:\"python-pillow~2.0.0~19.h2.gitd1c6db8\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-27T18:40:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0775", "CVE-2016-0740", "CVE-2016-2533", "CVE-2016-9189"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192226", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192226", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2019-2226)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2226\");\n script_version(\"2020-01-23T12:41:31+0000\");\n script_cve_id(\"CVE-2016-0740\", \"CVE-2016-0775\", \"CVE-2016-2533\", \"CVE-2016-9189\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:41:31 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:41:31 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2019-2226)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2226\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2226\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python-pillow' package(s) announced via the EulerOS-SA-2019-2226 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PhotoCD file.(CVE-2016-2533)\n\nPillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the 'crafted image file' approach, related to an 'Integer Overflow' issue affecting the Image.core.map_buffer in map.c component.(CVE-2016-9189)\n\nBuffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file.(CVE-2016-0775)\n\nBuffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file.(CVE-2016-0740)\");\n\n script_tag(name:\"affected\", value:\"'python-pillow' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-pillow\", rpm:\"python-pillow~2.0.0~19.h2.gitd1c6db8.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:33:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0775", "CVE-2016-0740", "CVE-2016-2533", "CVE-2014-9601", "CVE-2014-3589"], "description": "The remote host is missing an update for the ", "modified": "2019-03-18T00:00:00", "published": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310843724", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843724", "type": "openvas", "title": "Ubuntu Update for pillow USN-3090-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3090_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for pillow USN-3090-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843724\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2014-9601\", \"CVE-2014-3589\", \"CVE-2016-0740\", \"CVE-2016-0775\", \"CVE-2016-2533\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:11:57 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"Ubuntu Update for pillow USN-3090-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"3090-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3090-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pillow'\n package(s) announced via the USN-3090-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that a flaw in processing a compressed text chunk in\na PNG image could cause the image to have a large size when decompressed,\npotentially leading to a denial of service. (CVE-2014-9601)\n\nAndrew Drake discovered that Pillow incorrectly validated input. A remote\nattacker could use this to cause Pillow to crash, resulting in a denial\nof service. (CVE-2014-3589)\n\nEric Soroos discovered that Pillow incorrectly handled certain malformed\nFLI, Tiff, and PhotoCD files. A remote attacker could use this issue to\ncause Pillow to crash, resulting in a denial of service.\n(CVE-2016-0740, CVE-2016-0775, CVE-2016-2533)\");\n\n script_tag(name:\"affected\", value:\"pillow on Ubuntu 14.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python-imaging\", ver:\"2.3.0-1ubuntu3.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python-pil\", ver:\"2.3.0-1ubuntu3.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3-imaging\", ver:\"2.3.0-1ubuntu3.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3-pil\", ver:\"2.3.0-1ubuntu3.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0775", "CVE-2016-0740"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-02-21T00:00:00", "id": "OPENVAS:1361412562310807294", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807294", "type": "openvas", "title": "Fedora Update for python-pillow FEDORA-2016-4 (FC-22)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python-pillow FEDORA-2016-4 (FC-22)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807294\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-02-21 06:21:31 +0100 (Sun, 21 Feb 2016)\");\n script_cve_id(\"CVE-2016-0775\", \"CVE-2016-0740\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for python-pillow FEDORA-2016-4 (FC-22)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-pillow'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"python-pillow on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-February/177448.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"python-pillow\", rpm:\"python-pillow~2.8.2~4.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0775", "CVE-2016-0740"], "description": "Mageia Linux Local Security Checks mgasa-2016-0066", "modified": "2019-03-14T00:00:00", "published": "2016-02-18T00:00:00", "id": "OPENVAS:1361412562310131237", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131237", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2016-0066", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2016-0066.nasl 14180 2019-03-14 12:29:16Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131237\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-02-18 07:27:42 +0200 (Thu, 18 Feb 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2016-0066\");\n script_tag(name:\"insight\", value:\"A buffer overflow in TiffDecode.c causing an arbitrary amount of memory to be overwritten when opening a specially crafted invalid TIFF file (CVE-2016-0740). A buffer overflow in FliDecode.c causing a segfault when opening FLI files (CVE-2016-0775). A buffer overflow in PcdDecode.c causing a segfault when opening PhotoCD files.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2016-0066.html\");\n script_cve_id(\"CVE-2016-0740\", \"CVE-2016-0775\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2016-0066\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"python-pillow\", rpm:\"python-pillow~2.6.2~2.5.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0775", "CVE-2016-0740"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-02-10T00:00:00", "id": "OPENVAS:1361412562310807244", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807244", "type": "openvas", "title": "Fedora Update for python-pillow FEDORA-2016-4 (FC-23)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python-pillow FEDORA-2016-4 (FC-23)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807244\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-02-10 06:33:40 +0100 (Wed, 10 Feb 2016)\");\n script_cve_id(\"CVE-2016-0775\", \"CVE-2016-0740\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for python-pillow FEDORA-2016-4 (FC-23)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-pillow'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"python-pillow on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-February/176983.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"python-pillow\", rpm:\"python-pillow~3.0.0~2.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:33:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0775", "CVE-2016-2533", "CVE-2014-3589"], "description": "The remote host is missing an update for the ", "modified": "2019-03-18T00:00:00", "published": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310843735", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843735", "type": "openvas", "title": "Ubuntu Update for python-imaging USN-3080-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3080_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for python-imaging USN-3080-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843735\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2016-0775\", \"CVE-2016-2533\", \"CVE-2014-3589\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:13:22 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"Ubuntu Update for python-imaging USN-3080-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"3080-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3080-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-imaging'\n package(s) announced via the USN-3080-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Eric Soroos discovered that the Python Imaging Library incorrectly handled\ncertain malformed FLI or PhotoCD files. A remote attacker could use this\nissue to cause Python Imaging Library to crash, resulting in a denial of\nservice. (CVE-2016-0775, CVE-2016-2533)\n\nAndrew Drake discovered that the Python Imaging Library incorrectly validated\ninput. A remote attacker could use this to cause Python Imaging Library to\ncrash, resulting in a denial of service. (CVE-2014-3589)\");\n\n script_tag(name:\"affected\", value:\"python-imaging on Ubuntu 12.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python-imaging\", ver:\"1.1.7-4ubuntu0.12.04.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:36:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3007", "CVE-2016-0775", "CVE-2016-0740", "CVE-2016-2533", "CVE-2016-9190", "CVE-2014-9601", "CVE-2014-1932", "CVE-2014-3589", "CVE-2016-9189", "CVE-2014-1933"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192654", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192654", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2019-2654)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2654\");\n script_version(\"2020-01-23T13:12:30+0000\");\n script_cve_id(\"CVE-2014-1932\", \"CVE-2014-1933\", \"CVE-2014-3007\", \"CVE-2014-3589\", \"CVE-2014-9601\", \"CVE-2016-0740\", \"CVE-2016-0775\", \"CVE-2016-2533\", \"CVE-2016-9189\", \"CVE-2016-9190\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:12:30 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:12:30 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2019-2654)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2654\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2654\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python-pillow' package(s) announced via the EulerOS-SA-2019-2654 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file.(CVE-2016-0775)\n\nBuffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file.(CVE-2016-0740)\n\nBuffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PhotoCD file.(CVE-2016-2533)\n\nPIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size.(CVE-2014-3589)\n\nPillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed.(CVE-2014-9601)\n\nPillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the 'crafted image file' approach, related to an 'Insecure Sign Extension' issue affecting the ImagingNew in Storage.c component.(CVE-2016-9190)\n\nPillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the 'crafted image file' approach, related to an 'Integer Overflow' issue affecting the Image.core.map_buffer in map.c component.(CVE-2016-9189)\n\nPython Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possibly JpegImagePlugin.py.(CVE-2014-3007)\n\nThe (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 uses the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the processes.(CVE-2014-1933)\n\nThe (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript function in EpsImagePlugin.py, (3) load function in IptcImagePlugin.py, and (4) _copy function in Image.py in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 do not properly create temporary files, which allow local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on the temporary file.(CVE-2014-1932)\");\n\n script_tag(name:\"affected\", value:\"'python-pillow' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-pillow\", rpm:\"python-pillow~2.0.0~19.gitd1c6db8.h1\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-12T09:49:27", "description": "Multiple security vulnerabilities have been found in Pillow, a Python\nimaging library, which may result in denial of service or the\nexecution of arbitrary code if a malformed FLI, PCD or Tiff files is\nprocessed.", "edition": 22, "cvss3": {"score": 6.5, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}, "published": "2016-02-29T00:00:00", "title": "Debian DSA-3499-1 : pillow - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0775", "CVE-2016-0740", "CVE-2016-2533"], "modified": "2016-02-29T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:pillow", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3499.NASL", "href": "https://www.tenable.com/plugins/nessus/89005", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3499. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89005);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-0740\", \"CVE-2016-0775\", \"CVE-2016-2533\");\n script_xref(name:\"DSA\", value:\"3499\");\n\n script_name(english:\"Debian DSA-3499-1 : pillow - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security vulnerabilities have been found in Pillow, a Python\nimaging library, which may result in denial of service or the\nexecution of arbitrary code if a malformed FLI, PCD or Tiff files is\nprocessed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/pillow\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3499\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the pillow packages.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.1.7-4+deb7u2 of the python-imaging source package.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2.6.1-2+deb8u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pillow\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"pillow\", reference:\"1.1.7-4+deb7u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-imaging\", reference:\"2.6.1-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-imaging-tk\", reference:\"2.6.1-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-pil\", reference:\"2.6.1-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-pil-dbg\", reference:\"2.6.1-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-pil-doc\", reference:\"2.6.1-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-pil.imagetk\", reference:\"2.6.1-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-pil.imagetk-dbg\", reference:\"2.6.1-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-sane\", reference:\"2.6.1-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-sane-dbg\", reference:\"2.6.1-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python3-pil\", reference:\"2.6.1-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python3-pil-dbg\", reference:\"2.6.1-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python3-pil.imagetk\", reference:\"2.6.1-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python3-pil.imagetk-dbg\", reference:\"2.6.1-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python3-sane\", reference:\"2.6.1-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python3-sane-dbg\", reference:\"2.6.1-2+deb8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-07T09:00:02", "description": "According to the versions of the python-pillow package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Buffer overflow in the ImagingPcdDecode function in\n PcdDecode.c in Pillow before 3.1.1 and Python Imaging\n Library (PIL) 1.1.7 and earlier allows remote attackers\n to cause a denial of service (crash) via a crafted\n PhotoCD file.(CVE-2016-2533)\n\n - Pillow before 3.3.2 allows context-dependent attackers\n to obtain sensitive information by using the 'crafted\n image file' approach, related to an 'Integer Overflow'\n issue affecting the Image.core.map_buffer in map.c\n component.(CVE-2016-9189)\n\n - Buffer overflow in the ImagingFliDecode function in\n libImaging/FliDecode.c in Pillow before 3.1.1 allows\n remote attackers to cause a denial of service (crash)\n via a crafted FLI file.(CVE-2016-0775)\n\n - Buffer overflow in the ImagingLibTiffDecode function in\n libImaging/TiffDecode.c in Pillow before 3.1.1 allows\n remote attackers to overwrite memory via a crafted TIFF\n file.(CVE-2016-0740)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}, "published": "2019-11-08T00:00:00", "title": "EulerOS 2.0 SP5 : python-pillow (EulerOS-SA-2019-2226)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0775", "CVE-2016-0740", "CVE-2016-2533", "CVE-2016-9189"], "modified": "2019-11-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python-pillow", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2226.NASL", "href": "https://www.tenable.com/plugins/nessus/130688", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130688);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-0740\",\n \"CVE-2016-0775\",\n \"CVE-2016-2533\",\n \"CVE-2016-9189\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : python-pillow (EulerOS-SA-2019-2226)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the python-pillow package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Buffer overflow in the ImagingPcdDecode function in\n PcdDecode.c in Pillow before 3.1.1 and Python Imaging\n Library (PIL) 1.1.7 and earlier allows remote attackers\n to cause a denial of service (crash) via a crafted\n PhotoCD file.(CVE-2016-2533)\n\n - Pillow before 3.3.2 allows context-dependent attackers\n to obtain sensitive information by using the 'crafted\n image file' approach, related to an 'Integer Overflow'\n issue affecting the Image.core.map_buffer in map.c\n component.(CVE-2016-9189)\n\n - Buffer overflow in the ImagingFliDecode function in\n libImaging/FliDecode.c in Pillow before 3.1.1 allows\n remote attackers to cause a denial of service (crash)\n via a crafted FLI file.(CVE-2016-0775)\n\n - Buffer overflow in the ImagingLibTiffDecode function in\n libImaging/TiffDecode.c in Pillow before 3.1.1 allows\n remote attackers to overwrite memory via a crafted TIFF\n file.(CVE-2016-0740)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2226\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c36c90ba\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-pillow packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-pillow\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"python-pillow-2.0.0-19.h2.gitd1c6db8.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-pillow\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-07T09:03:09", "description": "According to the versions of the python-pillow package installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - A memory disclosure vulnerability was found in\n python-pillow. Functions in map.c failed to check for\n image overflow and check that an offset parameter was\n within bounds, allowing a crafted image to cause a\n crash or disclosure of memory.(CVE-2016-9189)\n\n - Buffer overflow in the ImagingPcdDecode function in\n PcdDecode.c in Pillow before 3.1.1 and Python Imaging\n Library (PIL) 1.1.7 and earlier allows remote attackers\n to cause a denial of service (crash) via a crafted\n PhotoCD file.(CVE-2016-2533)\n\n - Buffer overflow in the ImagingFliDecode function in\n libImaging/FliDecode.c in Pillow before 3.1.1 allows\n remote attackers to cause a denial of service (crash)\n via a crafted FLI file.(CVE-2016-0775)\n\n - Buffer overflow in the ImagingLibTiffDecode function in\n libImaging/TiffDecode.c in Pillow before 3.1.1 allows\n remote attackers to overwrite memory via a crafted TIFF\n file.(CVE-2016-0740)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 4, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}, "published": "2020-03-13T00:00:00", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : python-pillow (EulerOS-SA-2020-1244)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0775", "CVE-2016-0740", "CVE-2016-2533", "CVE-2016-9189"], "modified": "2020-03-13T00:00:00", "cpe": ["cpe:/o:huawei:euleros:uvp:3.0.2.0", "p-cpe:/a:huawei:euleros:python-pillow"], "id": "EULEROS_SA-2020-1244.NASL", "href": "https://www.tenable.com/plugins/nessus/134533", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134533);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-0740\",\n \"CVE-2016-0775\",\n \"CVE-2016-2533\",\n \"CVE-2016-9189\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : python-pillow (EulerOS-SA-2020-1244)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the python-pillow package installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - A memory disclosure vulnerability was found in\n python-pillow. Functions in map.c failed to check for\n image overflow and check that an offset parameter was\n within bounds, allowing a crafted image to cause a\n crash or disclosure of memory.(CVE-2016-9189)\n\n - Buffer overflow in the ImagingPcdDecode function in\n PcdDecode.c in Pillow before 3.1.1 and Python Imaging\n Library (PIL) 1.1.7 and earlier allows remote attackers\n to cause a denial of service (crash) via a crafted\n PhotoCD file.(CVE-2016-2533)\n\n - Buffer overflow in the ImagingFliDecode function in\n libImaging/FliDecode.c in Pillow before 3.1.1 allows\n remote attackers to cause a denial of service (crash)\n via a crafted FLI file.(CVE-2016-0775)\n\n - Buffer overflow in the ImagingLibTiffDecode function in\n libImaging/TiffDecode.c in Pillow before 3.1.1 allows\n remote attackers to overwrite memory via a crafted TIFF\n file.(CVE-2016-0740)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1244\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?722bf869\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-pillow packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-9189\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-pillow\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"python-pillow-2.0.0-19.h2.gitd1c6db8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-pillow\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-01T06:44:00", "description": "USN-3090-1 fixed vulnerabilities in Pillow. The patch to fix\nCVE-2014-9601 caused a regression which resulted in failures when\nprocessing certain png images. This update temporarily reverts the\nsecurity fix for CVE-2014-9601 pending further investigation.\n\nWe apologize for the inconvenience.\n\nIt was discovered that a flaw in processing a compressed text chunk in\na PNG image could cause the image to have a large size when\ndecompressed, potentially leading to a denial of service.\n(CVE-2014-9601)\n\nAndrew Drake discovered that Pillow incorrectly validated input. A\nremote attacker could use this to cause Pillow to crash, resulting in\na denial of service. (CVE-2014-3589)\n\nEric Soroos discovered that Pillow incorrectly handled certain\nmalformed FLI, Tiff, and PhotoCD files. A remote attacker could use\nthis issue to cause Pillow to crash, resulting in a denial of service.\n(CVE-2016-0740, CVE-2016-0775, CVE-2016-2533).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 28, "cvss3": {"score": 6.5, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}, "published": "2016-10-03T00:00:00", "title": "Ubuntu 14.04 LTS : Pillow regression (USN-3090-2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0775", "CVE-2016-0740", "CVE-2016-2533", "CVE-2014-9601", "CVE-2014-3589"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python3-imaging", "p-cpe:/a:canonical:ubuntu_linux:python-pil", "p-cpe:/a:canonical:ubuntu_linux:python3-pil", "p-cpe:/a:canonical:ubuntu_linux:python-imaging", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3090-2.NASL", "href": "https://www.tenable.com/plugins/nessus/93827", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3090-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93827);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2014-3589\", \"CVE-2014-9601\", \"CVE-2016-0740\", \"CVE-2016-0775\", \"CVE-2016-2533\");\n script_xref(name:\"USN\", value:\"3090-2\");\n\n script_name(english:\"Ubuntu 14.04 LTS : Pillow regression (USN-3090-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-3090-1 fixed vulnerabilities in Pillow. The patch to fix\nCVE-2014-9601 caused a regression which resulted in failures when\nprocessing certain png images. This update temporarily reverts the\nsecurity fix for CVE-2014-9601 pending further investigation.\n\nWe apologize for the inconvenience.\n\nIt was discovered that a flaw in processing a compressed text chunk in\na PNG image could cause the image to have a large size when\ndecompressed, potentially leading to a denial of service.\n(CVE-2014-9601)\n\nAndrew Drake discovered that Pillow incorrectly validated input. A\nremote attacker could use this to cause Pillow to crash, resulting in\na denial of service. (CVE-2014-3589)\n\nEric Soroos discovered that Pillow incorrectly handled certain\nmalformed FLI, Tiff, and PhotoCD files. A remote attacker could use\nthis issue to cause Pillow to crash, resulting in a denial of service.\n(CVE-2016-0740, CVE-2016-0775, CVE-2016-2533).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3090-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-imaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-pil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3-imaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3-pil\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"python-imaging\", pkgver:\"2.3.0-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"python-pil\", pkgver:\"2.3.0-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"python3-imaging\", pkgver:\"2.3.0-1ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"python3-pil\", pkgver:\"2.3.0-1ubuntu3.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-imaging / python-pil / python3-imaging / python3-pil\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T06:44:00", "description": "It was discovered that a flaw in processing a compressed text chunk in\na PNG image could cause the image to have a large size when\ndecompressed, potentially leading to a denial of service.\n(CVE-2014-9601)\n\nAndrew Drake discovered that Pillow incorrectly validated input. A\nremote attacker could use this to cause Pillow to crash, resulting in\na denial of service. (CVE-2014-3589)\n\nEric Soroos discovered that Pillow incorrectly handled certain\nmalformed FLI, Tiff, and PhotoCD files. A remote attacker could use\nthis issue to cause Pillow to crash, resulting in a denial of service.\n(CVE-2016-0740, CVE-2016-0775, CVE-2016-2533).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "cvss3": {"score": 6.5, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}, "published": "2016-09-28T00:00:00", "title": "Ubuntu 14.04 LTS : Pillow vulnerabilities (USN-3090-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0775", "CVE-2016-0740", "CVE-2016-2533", "CVE-2014-9601", "CVE-2014-3589"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python3-imaging", "p-cpe:/a:canonical:ubuntu_linux:python-pil", "p-cpe:/a:canonical:ubuntu_linux:python3-pil", "p-cpe:/a:canonical:ubuntu_linux:python-imaging", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3090-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93775", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3090-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93775);\n script_version(\"2.7\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2014-3589\", \"CVE-2014-9601\", \"CVE-2016-0740\", \"CVE-2016-0775\", \"CVE-2016-2533\");\n script_xref(name:\"USN\", value:\"3090-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : Pillow vulnerabilities (USN-3090-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a flaw in processing a compressed text chunk in\na PNG image could cause the image to have a large size when\ndecompressed, potentially leading to a denial of service.\n(CVE-2014-9601)\n\nAndrew Drake discovered that Pillow incorrectly validated input. A\nremote attacker could use this to cause Pillow to crash, resulting in\na denial of service. (CVE-2014-3589)\n\nEric Soroos discovered that Pillow incorrectly handled certain\nmalformed FLI, Tiff, and PhotoCD files. A remote attacker could use\nthis issue to cause Pillow to crash, resulting in a denial of service.\n(CVE-2016-0740, CVE-2016-0775, CVE-2016-2533).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3090-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-imaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-pil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3-imaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3-pil\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"python-imaging\", pkgver:\"2.3.0-1ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"python-pil\", pkgver:\"2.3.0-1ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"python3-imaging\", pkgver:\"2.3.0-1ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"python3-pil\", pkgver:\"2.3.0-1ubuntu3.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-imaging / python-pil / python3-imaging / python3-pil\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:14:14", "description": "This update fixes the python3-pillow package description. ---- This\nupdate fixes for security vulnerabilities, including CVE-2016-0775,\nCVE-2016-0740.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 15, "published": "2016-03-04T00:00:00", "title": "Fedora 22 : python-pillow-2.8.2-4.fc22 (2016-4d00dca15a)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0775", "CVE-2016-0740"], "modified": "2016-03-04T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python-pillow", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2016-4D00DCA15A.NASL", "href": "https://www.tenable.com/plugins/nessus/89538", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-4d00dca15a.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89538);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2016-4d00dca15a\");\n\n script_name(english:\"Fedora 22 : python-pillow-2.8.2-4.fc22 (2016-4d00dca15a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the python3-pillow package description. ---- This\nupdate fixes for security vulnerabilities, including CVE-2016-0775,\nCVE-2016-0740.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1305004\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/177448.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0512b48e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-pillow package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-pillow\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"python-pillow-2.8.2-4.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-pillow\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T10:14:14", "description": "This update fixes for security vulnerabilities, including\nCVE-2016-0775, CVE-2016-0740.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 15, "published": "2016-03-04T00:00:00", "title": "Fedora 23 : python-pillow-3.0.0-2.fc23 (2016-4b06195979)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0775", "CVE-2016-0740"], "modified": "2016-03-04T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python-pillow", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-4B06195979.NASL", "href": "https://www.tenable.com/plugins/nessus/89535", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-4b06195979.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89535);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2016-4b06195979\");\n\n script_name(english:\"Fedora 23 : python-pillow-3.0.0-2.fc23 (2016-4b06195979)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes for security vulnerabilities, including\nCVE-2016-0775, CVE-2016-0740.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1305004\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/176983.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?02b6d044\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-pillow package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-pillow\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"python-pillow-3.0.0-2.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-pillow\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-20T12:30:07", "description": "This update for python-Pillow fixes the following issues :\n\n - backport security fixes from 3.1.1\n (Pillow-overflows.patch) :\n\n - Fixed an integer overflow in Resample.c causing writes\n in the Python heap. \n\n - Fixed a buffer overflow in PcdDecode.c causing a\n segfault when opening PhotoCD files. CVE-2016-TBD\n\n - Fixed a buffer overflow in FliDecode.c causing a\n segfault when opening FLI files. CVE-2016-0775 (fixes\n boo#965582)\n\n - Fixed a buffer overflow in TiffDecode.c causing an\n arbitrary amount of memory to be overwritten when\n opening a specially crafted invalid TIFF file.\n CVE-2016-0740 (fixes boo#965579)", "edition": 18, "cvss3": {"score": 6.5, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}, "published": "2016-03-16T00:00:00", "title": "openSUSE Security Update : python-Pillow (openSUSE-2016-339)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0775", "CVE-2016-0740"], "modified": "2016-03-16T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:python-Pillow-debuginfo", "p-cpe:/a:novell:opensuse:python-Pillow-tk", "cpe:/o:novell:opensuse:42.1", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:python-Pillow-tk-debuginfo", "p-cpe:/a:novell:opensuse:python-Pillow-debugsource", "p-cpe:/a:novell:opensuse:python-Pillow"], "id": "OPENSUSE-2016-339.NASL", "href": "https://www.tenable.com/plugins/nessus/89949", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-339.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89949);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-0740\", \"CVE-2016-0775\");\n\n script_name(english:\"openSUSE Security Update : python-Pillow (openSUSE-2016-339)\");\n script_summary(english:\"Check for the openSUSE-2016-339 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for python-Pillow fixes the following issues :\n\n - backport security fixes from 3.1.1\n (Pillow-overflows.patch) :\n\n - Fixed an integer overflow in Resample.c causing writes\n in the Python heap. \n\n - Fixed a buffer overflow in PcdDecode.c causing a\n segfault when opening PhotoCD files. CVE-2016-TBD\n\n - Fixed a buffer overflow in FliDecode.c causing a\n segfault when opening FLI files. CVE-2016-0775 (fixes\n boo#965582)\n\n - Fixed a buffer overflow in TiffDecode.c causing an\n arbitrary amount of memory to be overwritten when\n opening a specially crafted invalid TIFF file.\n CVE-2016-0740 (fixes boo#965579)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=965579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=965582\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-Pillow packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-Pillow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-Pillow-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-Pillow-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-Pillow-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-Pillow-tk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-Pillow-2.8.1-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-Pillow-debuginfo-2.8.1-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-Pillow-debugsource-2.8.1-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-Pillow-tk-2.8.1-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-Pillow-tk-debuginfo-2.8.1-3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"python-Pillow-2.9.0-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"python-Pillow-debuginfo-2.9.0-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"python-Pillow-debugsource-2.9.0-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"python-Pillow-tk-2.9.0-6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"python-Pillow-tk-debuginfo-2.9.0-6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-Pillow / python-Pillow-debuginfo / python-Pillow-debugsource / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-01T06:43:58", "description": "Eric Soroos discovered that the Python Imaging Library incorrectly\nhandled certain malformed FLI or PhotoCD files. A remote attacker\ncould use this issue to cause Python Imaging Library to crash,\nresulting in a denial of service. (CVE-2016-0775, CVE-2016-2533)\n\nAndrew Drake discovered that the Python Imaging Libray incorrectly\nvalidated input. A remote attacker could use this to cause Python\nImaging Library to crash, resulting in a denial of service.\n(CVE-2014-3589).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "cvss3": {"score": 6.5, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "published": "2016-09-16T00:00:00", "title": "Ubuntu 12.04 LTS : python-imaging vulnerabilities (USN-3080-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-0775", "CVE-2016-2533", "CVE-2014-3589"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python-imaging", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-3080-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93559", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3080-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93559);\n script_version(\"2.7\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2014-3589\", \"CVE-2016-0775\", \"CVE-2016-2533\");\n script_xref(name:\"USN\", value:\"3080-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : python-imaging vulnerabilities (USN-3080-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Eric Soroos discovered that the Python Imaging Library incorrectly\nhandled certain malformed FLI or PhotoCD files. A remote attacker\ncould use this issue to cause Python Imaging Library to crash,\nresulting in a denial of service. (CVE-2016-0775, CVE-2016-2533)\n\nAndrew Drake discovered that the Python Imaging Libray incorrectly\nvalidated input. A remote attacker could use this to cause Python\nImaging Library to crash, resulting in a denial of service.\n(CVE-2014-3589).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3080-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-imaging package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-imaging\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"python-imaging\", pkgver:\"1.1.7-4ubuntu0.12.04.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-imaging\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T11:05:32", "description": "The remote host is affected by the vulnerability described in GLSA-201612-52\n(Pillow: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Pillow. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A local attacker could perform symlink attacks to overwrite arbitrary\n files with the privileges of the user running the application, or obtain\n sensitive information.\n A remote attackers could execute arbitrary code with the privileges of\n the process, or cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 23, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-01-03T00:00:00", "title": "GLSA-201612-52 : Pillow: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-4009", "CVE-2016-0775", "CVE-2016-0740", "CVE-2016-2533", "CVE-2016-9190", "CVE-2014-1932", "CVE-2016-9189", "CVE-2014-1933"], "modified": "2017-01-03T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:pillow", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201612-52.NASL", "href": "https://www.tenable.com/plugins/nessus/96227", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201612-52.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96227);\n script_version(\"3.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-1932\", \"CVE-2014-1933\", \"CVE-2016-0740\", \"CVE-2016-0775\", \"CVE-2016-2533\", \"CVE-2016-4009\", \"CVE-2016-9189\", \"CVE-2016-9190\");\n script_xref(name:\"GLSA\", value:\"201612-52\");\n\n script_name(english:\"GLSA-201612-52 : Pillow: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201612-52\n(Pillow: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Pillow. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A local attacker could perform symlink attacks to overwrite arbitrary\n files with the privileges of the user running the application, or obtain\n sensitive information.\n A remote attackers could execute arbitrary code with the privileges of\n the process, or cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201612-52\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Pillow users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-python/pillow-3.4.2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:pillow\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-python/pillow\", unaffected:make_list(\"ge 3.4.2\"), vulnerable:make_list(\"lt 3.4.2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Pillow\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-02T11:35:37", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0775", "CVE-2016-0740", "CVE-2016-2533", "CVE-2014-9601", "CVE-2014-3589"], "description": "It was discovered that a flaw in processing a compressed text chunk in \na PNG image could cause the image to have a large size when decompressed, \npotentially leading to a denial of service. (CVE-2014-9601)\n\nAndrew Drake discovered that Pillow incorrectly validated input. A remote \nattacker could use this to cause Pillow to crash, resulting in a denial \nof service. (CVE-2014-3589)\n\nEric Soroos discovered that Pillow incorrectly handled certain malformed \nFLI, Tiff, and PhotoCD files. A remote attacker could use this issue to \ncause Pillow to crash, resulting in a denial of service. \n(CVE-2016-0740, CVE-2016-0775, CVE-2016-2533)", "edition": 5, "modified": "2016-09-27T00:00:00", "published": "2016-09-27T00:00:00", "id": "USN-3090-1", "href": "https://ubuntu.com/security/notices/USN-3090-1", "title": "Pillow vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-18T01:36:15", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0775", "CVE-2016-0740", "CVE-2016-2533", "CVE-2014-9601", "CVE-2014-3589"], "description": "USN-3090-1 fixed vulnerabilities in Pillow. The patch to fix CVE-2014-9601 \ncaused a regression which resulted in failures when processing certain \npng images. This update temporarily reverts the security fix for CVE-2014-9601 \npending further investigation.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nIt was discovered that a flaw in processing a compressed text chunk in \na PNG image could cause the image to have a large size when decompressed, \npotentially leading to a denial of service. (CVE-2014-9601)\n\nAndrew Drake discovered that Pillow incorrectly validated input. A remote \nattacker could use this to cause Pillow to crash, resulting in a denial \nof service. (CVE-2014-3589)\n\nEric Soroos discovered that Pillow incorrectly handled certain malformed \nFLI, Tiff, and PhotoCD files. A remote attacker could use this issue to \ncause Pillow to crash, resulting in a denial of service. \n(CVE-2016-0740, CVE-2016-0775, CVE-2016-2533)", "edition": 5, "modified": "2016-09-30T00:00:00", "published": "2016-09-30T00:00:00", "id": "USN-3090-2", "href": "https://ubuntu.com/security/notices/USN-3090-2", "title": "Pillow regresssion", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-02T11:44:05", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0775", "CVE-2016-2533", "CVE-2014-3589"], "description": "Eric Soroos discovered that the Python Imaging Library incorrectly handled \ncertain malformed FLI or PhotoCD files. A remote attacker could use this \nissue to cause Python Imaging Library to crash, resulting in a denial of \nservice. (CVE-2016-0775, CVE-2016-2533)\n\nAndrew Drake discovered that the Python Imaging Libray incorrectly validated \ninput. A remote attacker could use this to cause Python Imaging Library to \ncrash, resulting in a denial of service. (CVE-2014-3589)", "edition": 5, "modified": "2016-09-15T00:00:00", "published": "2016-09-15T00:00:00", "id": "USN-3080-1", "href": "https://ubuntu.com/security/notices/USN-3080-1", "title": "Python Imaging Library vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0740", "CVE-2016-0775"], "description": "Python image processing library, fork of the Python Imaging Library (PIL) This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk (tk interface), qt (PIL image wrapper for Qt ), devel (development) and doc (documentation). ", "modified": "2016-02-09T20:55:54", "published": "2016-02-09T20:55:54", "id": "FEDORA:3633D60617FF", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: python-pillow-3.0.0-2.fc23", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0740", "CVE-2016-0775"], "description": "Python image processing library, fork of the Python Imaging Library (PIL) This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk (tk interface), qt (PIL image wrapper for Qt ), devel (development) and doc (documentation). ", "modified": "2016-02-21T02:28:07", "published": "2016-02-21T02:28:07", "id": "FEDORA:3877960A4EC9", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: python-pillow-2.8.2-4.fc22", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "gentoo": [{"lastseen": "2017-01-01T02:13:30", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4009", "CVE-2016-0775", "CVE-2016-0740", "CVE-2016-2533", "CVE-2016-9190", "CVE-2014-1932", "CVE-2016-9189", "CVE-2014-1933"], "edition": 1, "description": "### Background\n\nThe friendly PIL fork.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Pillow. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application, or obtain sensitive information. \n\nA remote attackers could execute arbitrary code with the privileges of the process, or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Pillow users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-python/pillow-3.4.2\"", "modified": "2016-12-31T00:00:00", "published": "2016-12-31T00:00:00", "href": "https://security.gentoo.org/glsa/201612-52", "id": "GLSA-201612-52", "type": "gentoo", "title": "Pillow: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "github": [{"lastseen": "2020-12-24T13:33:02", "bulletinFamily": "software", "cvelist": ["CVE-2016-2533"], "description": "Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PhotoCD file.", "edition": 3, "modified": "2019-07-03T21:02:01", "published": "2018-07-24T20:15:13", "id": "GHSA-3C5C-7235-994J", "href": "https://github.com/advisories/GHSA-3c5c-7235-994j", "title": "Moderate severity vulnerability that affects Pillow", "type": "github", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-24T13:33:02", "bulletinFamily": "software", "cvelist": ["CVE-2016-0740"], "description": "Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file.", "edition": 3, "modified": "2019-07-03T21:02:01", "published": "2018-07-24T20:03:51", "id": "GHSA-HGGX-3H72-49WW", "href": "https://github.com/advisories/GHSA-hggx-3h72-49ww", "title": "Moderate severity vulnerability that affects Pillow", "type": "github", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-24T13:33:02", "bulletinFamily": "software", "cvelist": ["CVE-2016-0775"], "description": "Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file.", "edition": 3, "modified": "2019-07-03T21:02:01", "published": "2018-07-24T20:15:36", "id": "GHSA-8XJV-V9XQ-M5H9", "href": "https://github.com/advisories/GHSA-8xjv-v9xq-m5h9", "title": "Moderate severity vulnerability that affects Pillow", "type": "github", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:32:50", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0740"], "description": "\nThe Pillow maintainers report:\n\nPillow 3.1.0 and earlier when linked against libtiff >= 4.0.0 on\n\t x64 may overflow a buffer when reading a specially crafted tiff\n\t file.\nSpecifically, libtiff >= 4.0.0 changed the return type of\n\t TIFFScanlineSize from int32 to machine dependent int32|64. If the\n\t scanline is sized so that it overflows an int32, it may be\n\t interpreted as a negative number, which will then pass the size check\n\t in TiffDecode.c line 236. To do this, the logical scanline size has\n\t to be > 2gb, and for the test file, the allocated buffer size is 64k\n\t against a roughly 4gb scan line size. Any image data over 64k is\n\t written over the heap, causing a segfault.\nThis issue was found by security researcher FourOne.\n\n", "edition": 4, "modified": "2016-02-04T00:00:00", "published": "2016-02-04T00:00:00", "id": "53252879-CF11-11E5-805C-5453ED2E2B49", "href": "https://vuxml.freebsd.org/freebsd/53252879-cf11-11e5-805c-5453ed2e2b49.html", "title": "py-pillow -- Buffer overflow in TIFF decoding code", "type": "freebsd", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:32:50", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0775"], "description": "\nThe Pillow maintainers report:\n\nIn all versions of Pillow, dating back at least to the last PIL\n\t 1.1.7 release, FliDecode.c has a buffer overflow error.\nThere is a memcpy error where x is added to a target buffer\n\t address. X is used in several internal temporary variable roles,\n\t but can take a value up to the width of the image. Im->image[y]\n\t is a set of row pointers to segments of memory that are the size of\n\t the row. At the max y, this will write the contents of the line off\n\t the end of the memory buffer, causing a segfault.\nThis issue was found by Alyssa Besseling at Atlassian.\n\n", "edition": 4, "modified": "2016-02-05T00:00:00", "published": "2016-02-05T00:00:00", "id": "6EA60E00-CF13-11E5-805C-5453ED2E2B49", "href": "https://vuxml.freebsd.org/freebsd/6ea60e00-cf13-11e5-805c-5453ed2e2b49.html", "title": "py-imaging, py-pillow -- Buffer overflow in FLI decoding code", "type": "freebsd", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2020-11-11T13:24:28", "bulletinFamily": "unix", "cvelist": ["CVE-2016-0775"], "description": "Package : python-imaging\nVersion : 1.1.7-2+deb6u2\nCVE ID : CVE-2016-0775\nDebian Bug : 813909\n\n\nTwo buffer overflows were discovered in python-imaging, a Python\nlibrary for loading and manipulating image files, which may lead to\nthe execution of arbitrary code.\n\n\nCVE-2016-0775\n\tBuffer overflow in FliDecode.c\n\nThe second buffer overflow was in PcdDecode.c. A CVE identifier has\nnot been assigned yet.\n\nFor Debian 6 &quot;Squeeze&quot;, these problems have been fixed in version\n1.1.7-2+deb6u2.\n\nWe recommend that you upgrade your python-imaging packages.\n\n", "edition": 3, "modified": "2016-02-21T14:05:21", "published": "2016-02-21T14:05:21", "id": "DEBIAN:DLA-422-1:B38FE", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201602/msg00014.html", "title": "[SECURITY] [DLA 422-1] python-imaging security update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "threatpost": [{"lastseen": "2018-10-06T22:54:36", "bulletinFamily": "info", "cvelist": ["CVE-2016-2533", "CVE-2016-6533"], "description": "A popular Android app used to access corporate email, calendar and contacts via Microsoft Exchange servers is vulnerable to leaking user credentials to attackers.\n\nThe application called Nine, according to researchers at Rapid7, could allow an attacker to launch a man-in-the-middle attack, allowing them to steal corporate usernames and passwords of victims.\n\nThe Nine app, installed on as many as one million Android devices according to Google Play download data, released a Version 3.1.0 update to its application on Thursday to address the vulnerability.\n\nRapid7 researcher Derek Abdine discovered the vulnerability in August and publicly disclosed the bug (CVE-2016-6533) on Tuesday. The problem said Tod Beardsley, senior security research manager at Rapid7, is that the Nine app lacked certificate validation when connecting to a Microsoft Exchange server \u2013 regardless of SSL/TLS trust settings.\n\n\u201cAttackers can pluck names and passwords out of the traffic or snag confidential emails as they pass by. Basically it\u2019s game over for victims,\u201d Beardsley said.\n\nAccording to Rapid7, the attacker and victim would have to share the same mobile network to carry out the vulnerability. In a likely scenario, an attacker would use a rogue Wi-Fi wireless access point (WAP) configured to capture Nine application traffic to Microsoft Exchange servers. Next, when the unsuspecting Nine user connected to that malicious access point, the attacker can intercept traffic and obtain the target\u2019s Active Directory login credentials.\n\n\u201cAn attacker in a privileged position within the same network as the mobile device running Nine can man-in-the-middle traffic to the remote Exchange server (such as outlook.office365.com in the case of outlook365 corporate email),\u201d wrote Rapid7 [in a blog post describing the vulnerability](<https://community.rapid7.com/community/infosec/blog/2016/10/11/r7-2016-21-nine-folders-certificate-validation-vulnerability-cve-2016-2533>).\n\nUsing a common hacking tool such as a mitmproxy, a hacker can easily capture base64-encoded account credentials and decode them. \u201cThe attacker could funnel HTTPS traffic to mitmproxy which serves self-signed certificates from an otherwise invalid certificate authority,\u201d Rapid7 wrote.\n\n\u201cCommunication between Nine and the remote Exchange ActiveSync service may happen when the victim opens his or her phone, when an email is received (and push is enabled), or when the phone polls the remote service. All communication packets contain the victim\u2019s credentials in a HTTP basic authentication header,\u201d according to Rapid7.\n\nThe South Korean firm has updated its app to version 3.1.0, which includes certificate validation support that fixes the flaw, Beardsley confirmed. Because each Android handset is configured differently when it comes to automatic updates, Beardsley suggests any Nine application user should manually update their app to the latest version.\n", "modified": "2016-10-13T23:30:10", "published": "2016-10-14T08:00:37", "id": "THREATPOST:0B65755405740D9B3D1D473DAFD22D2E", "href": "https://threatpost.com/popular-android-app-leaks-microsoft-exchange-user-credentials/121298/", "type": "threatpost", "title": "Popular Android App Leaks Microsoft Exchange User Credentials", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}