6 matches found

added 2016/04/13 4:0 p.m. | 189 views

CVE-2016-2533

CVE-2016-2533 affects Pillow and PIL prior to versions that fix the ImagingPcdDecode function in PcdDecode.c. A crafted PhotoCD file can cause a remote denial of service (crash) due to a buffer overflow in Pillow before 3.1.1 and PIL 1.1.7 and earlier. In all connected sources, the vulnerability ...

CVSS 6.5 | AI score 6.2 | EPSS 0.03998
added 2016/04/13 4:0 p.m. | 154 views

CVE-2016-0775

Pillow (Python Imaging Library fork) contains a buffer overflow in ImagingFliDecode (libImaging/FliDecode.c) that affects versions before 3.1.1. A crafted FLI file can crash the process (DoS) or, per some sources, enable arbitrary code execution in affected contexts. The issue is documented acros...

CVSS 6.5 | AI score 6.2 | EPSS 0.02689
added 2016/11/04 10:0 a.m. | 144 views

CVE-2016-9189

CVE-2016-9189 concerns Pillow (Python Imaging Library fork). Affected: Pillow versions before 3.3.2. Root cause: integer overflow in Image.core.map_buffer within map.c that can be exploited via crafted image files. Impact: information disclosure (partial confidentiality) per CVSS data; local expl...

CVSS 5.5 | AI score 5.9 | EPSS 0.01861
added 2016/11/04 10:0 a.m. | 141 views

CVE-2016-9190

Pillow (Python Imaging Library) prior to version 3.3.2 is affected by CVE-2016-9190. The bug arises from an Insecure Sign Extension issue in ImagingNew within Storage.c, enabling context-dependent attackers to achieve arbitrary code execution via a crafted image file. Affected versions are Pillow...

CVSS 7.8 | AI score 7.9 | EPSS 0.02026
added 2016/04/13 4:0 p.m. | 135 views

CVE-2016-0740

Pillow vulnerability CVE-2016-0740: Buffer overflow in ImagingLibTiffDecode (libImaging/TiffDecode.c) allows remote attackers to overwrite memory via a crafted TIFF file. Affected software: Pillow prior to 3.1.1. Impact is memory corruption; exploitation requires processing a malformed TIFF. Reme...

CVSS 6.5 | AI score 6.4 | EPSS 0.0236
added 2016/04/13 4:0 p.m. | 108 views

CVE-2016-4009

CVE-2016-4009 affects Pillow (PIL fork): an integer overflow in ImagingResampleHorizontal (libImaging/Resample.c) for Pillow before 3.1.1 allows remote attackers to trigger a heap-based buffer overflow by supplying negative values for the new size. This yields a potential crash or other memory co...

CVSS 10 | AI score 8.8 | EPSS 0.07871