Описание
Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | python-imaging | Not affected | ||
| Red Hat Enterprise Linux 6 | python-imaging | Not affected | ||
| Red Hat Enterprise Linux 7 | python-pillow | Will not fix |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-190
https://bugzilla.redhat.com/show_bug.cgi?id=1298874python-pillow: Integer overflow resulting in buffer overflow when reading invalid tiff file
5.1 Medium
CVSS2
Связанные уязвимости
CVSS3: 6.5
ubuntu
почти 10 лет назад
Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file.
CVSS3: 6.5
nvd
почти 10 лет назад
Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file.
CVSS3: 6.5
debian
почти 10 лет назад
Buffer overflow in the ImagingLibTiffDecode function in libImaging/Tif ...
5.1 Medium
CVSS2