CVE-2016-2533 - OpenCVE

Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PhotoCD file.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Debian	Debian Linux
Python Imaging Project	Python Imaging
Python	Pillow

Configuration 1 [-]

OR	cpe:2.3:a:python:pillow::::::::
	cpe:2.3:a:python_imaging_project:python_imaging::::::::

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:7.0:::::::*
	cpe:2.3:o:debian:debian_linux:8.0:::::::*

References

Link	Resource
http://www.debian.org/security/2016/dsa-3499
http://www.openwall.com/lists/oss-security/2016/02/02/5
http://www.openwall.com/lists/oss-security/2016/02/22/2
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst	Vendor Advisory
https://github.com/python-pillow/Pillow/commit/5bdf54b5a76b54fb00bd05f2d733e0a4173eefc9#diff-8ff6909c159597e22288ad818938fd6b
https://github.com/python-pillow/Pillow/commit/ae453aa18b66af54e7ff716f4ccb33adca60afd4#diff-8ff6909c159597e22288ad818938fd6b
https://github.com/python-pillow/Pillow/pull/1706
https://security.gentoo.org/glsa/201612-52

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2016-04-13T16:00:00

Updated: 2017-06-30T16:57:01

Reserved: 2016-02-22T00:00:00

Link: CVE-2016-2533

JSON object: View

NVD Information

Status : Modified

Published: 2016-04-13T16:59:14.600

Modified: 2017-07-01T01:29:38.907

Link: CVE-2016-2533

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-02-02T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PhotoCD file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "GLSA-201612-52", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201612-52"}, {"name": "[oss-security] 20160222 Re: CVE Request -- Buffer overflow in Python-Pillow and PIL", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/02/22/2"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/python-pillow/Pillow/commit/5bdf54b5a76b54fb00bd05f2d733e0a4173eefc9#diff-8ff6909c159597e22288ad818938fd6b"}, {"name": "DSA-3499", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3499"}, {"name": "[oss-security] 20160202 CVE Request -- Buffer overflow in Python-Pillow and PIL", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/02/02/5"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/python-pillow/Pillow/commit/ae453aa18b66af54e7ff716f4ccb33adca60afd4#diff-8ff6909c159597e22288ad818938fd6b"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/python-pillow/Pillow/pull/1706"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-2533", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PhotoCD file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "GLSA-201612-52", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201612-52"}, {"name": "[oss-security] 20160222 Re: CVE Request -- Buffer overflow in Python-Pillow and PIL", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/02/22/2"}, {"name": "https://github.com/python-pillow/Pillow/commit/5bdf54b5a76b54fb00bd05f2d733e0a4173eefc9#diff-8ff6909c159597e22288ad818938fd6b", "refsource": "CONFIRM", "url": "https://github.com/python-pillow/Pillow/commit/5bdf54b5a76b54fb00bd05f2d733e0a4173eefc9#diff-8ff6909c159597e22288ad818938fd6b"}, {"name": "DSA-3499", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3499"}, {"name": "[oss-security] 20160202 CVE Request -- Buffer overflow in Python-Pillow and PIL", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/02/02/5"}, {"name": "https://github.com/python-pillow/Pillow/commit/ae453aa18b66af54e7ff716f4ccb33adca60afd4#diff-8ff6909c159597e22288ad818938fd6b", "refsource": "CONFIRM", "url": "https://github.com/python-pillow/Pillow/commit/ae453aa18b66af54e7ff716f4ccb33adca60afd4#diff-8ff6909c159597e22288ad818938fd6b"}, {"name": "https://github.com/python-pillow/Pillow/pull/1706", "refsource": "CONFIRM", "url": "https://github.com/python-pillow/Pillow/pull/1706"}, {"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"}, {"name": "https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst", "refsource": "CONFIRM", "url": "https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-2533", "datePublished": "2016-04-13T16:00:00", "dateReserved": "2016-02-22T00:00:00", "dateUpdated": "2017-06-30T16:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:*", "matchCriteriaId": "2F573E4A-55AB-4868-8CA1-7C7E5EEAC905", "versionEndIncluding": "3.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:python_imaging_project:python_imaging:*:*:*:*:*:*:*:*", "matchCriteriaId": "7587F262-02CB-4294-8CC3-364415D5D6B5", "versionEndIncluding": "1.1.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PhotoCD file."}, {"lang": "es", "value": "Desbordamiento de buffer en la funci\u00f3n ImagengPcdDecode en PcdDecode.c en Pillow en versiones anteriores a 3.1.1 y Python Imageng Library (PIL) 1.1.7 y versiones anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un archivo PhotoCD manipulado."}], "id": "CVE-2016-2533", "lastModified": "2017-07-01T01:29:38.907", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-04-13T16:59:14.600", "references": [{"source": "cve@mitre.org", "url": "http://www.debian.org/security/2016/dsa-3499"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2016/02/02/5"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2016/02/22/2"}, {"source": "cve@mitre.org", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst"}, {"source": "cve@mitre.org", "url": "https://github.com/python-pillow/Pillow/commit/5bdf54b5a76b54fb00bd05f2d733e0a4173eefc9#diff-8ff6909c159597e22288ad818938fd6b"}, {"source": "cve@mitre.org", "url": "https://github.com/python-pillow/Pillow/commit/ae453aa18b66af54e7ff716f4ccb33adca60afd4#diff-8ff6909c159597e22288ad818938fd6b"}, {"source": "cve@mitre.org", "url": "https://github.com/python-pillow/Pillow/pull/1706"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201612-52"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}