Vulnerability CVE-2016-2533

Vulnerability Name:

CVE-2016-2533 (CCN-112319)

Assigned:

2016-04-13

Published:

2016-04-13

Updated:

2017-07-01

Summary:

Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PhotoCD file.

CVSS v3 Severity:

6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

6.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)
5.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

6.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-119

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2016-2533

Source: DEBIAN
Type: UNKNOWN
DSA-3499

Source: CCN
Type: oss-sec Mailing List, Tue, 2 Feb 2016 18:51:24 +0000
Buffer overflow in Python-Pillow and PIL

Source: MLIST
Type: UNKNOWN
[oss-security] 20160202 CVE Request -- Buffer overflow in Python-Pillow and PIL

Source: MLIST
Type: UNKNOWN
[oss-security] 20160222 Re: CVE Request -- Buffer overflow in Python-Pillow and PIL

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

Source: XF
Type: UNKNOWN
pillow-cve20162533-bo(112319)

Source: CCN
Type: Pillow GIT Repository
3.2.0 (unreleased)

Source: CONFIRM
Type: Vendor Advisory
https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst

Source: CONFIRM
Type: UNKNOWN
https://github.com/python-pillow/Pillow/commit/5bdf54b5a76b54fb00bd05f2d733e0a4173eefc9#diff-8ff6909c159597e22288ad818938fd6b

Source: CONFIRM
Type: UNKNOWN
https://github.com/python-pillow/Pillow/commit/ae453aa18b66af54e7ff716f4ccb33adca60afd4#diff-8ff6909c159597e22288ad818938fd6b

Source: CONFIRM
Type: UNKNOWN
https://github.com/python-pillow/Pillow/pull/1706

Source: GENTOO
Type: UNKNOWN
GLSA-201612-52

Vulnerable Configuration:

Configuration 1:

cpe:/a:python:pillow:*:*:*:*:*:*:*:* (Version <= 3.1.0)

OR cpe:/a:python_imaging_project:python_imaging:*:*:*:*:*:*:*:* (Version <= 1.1.7)

Configuration 2:

cpe:/o:debian:debian_linux:7.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:python:pillow:3.1.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20162533	V	CVE-2016-2533	2022-05-22
oval:org.opensuse.security:def:58059	P	Security update for MozillaFirefox (Important)	2021-12-12
oval:org.opensuse.security:def:58021	P	Security update for webkit2gtk3 (Important)	2021-10-06
oval:org.opensuse.security:def:57947	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-06-18
oval:org.opensuse.security:def:57462	P	Security update for freeradius-server (Moderate)	2021-06-11
oval:org.opensuse.security:def:57017	P	Security update for qemu (Important)	2021-06-08
oval:org.opensuse.security:def:57190	P	Security update for nghttp2 (Important)	2021-03-24
oval:org.opensuse.security:def:58090	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:57855	P	libsrtp1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56639	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:58140	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:57296	P	Security update for acroread	2020-12-01
oval:org.opensuse.security:def:56779	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:56616	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:58164	P	Security update for python-Pillow (Moderate)	2020-12-01
oval:org.opensuse.security:def:57747	P	jakarta-commons-fileupload on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56617	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:80799	P	Security update for python-Pillow (Moderate)	2019-09-09
oval:com.ubuntu.precise:def:20162533000	V	CVE-2016-2533 on Ubuntu 12.04 LTS (precise) - medium.	2016-04-13
oval:com.ubuntu.trusty:def:20162533000	V	CVE-2016-2533 on Ubuntu 14.04 LTS (trusty) - medium.	2016-04-13
oval:com.ubuntu.xenial:def:20162533000	V	CVE-2016-2533 on Ubuntu 16.04 LTS (xenial) - medium.	2016-04-13
oval:com.ubuntu.xenial:def:201625330000000	V	CVE-2016-2533 on Ubuntu 16.04 LTS (xenial) - medium.	2016-04-13

BACK