FreeBSD : py-pillow -- Integer overflow in Resample.c (0519db18-cf15-11e5-805c-5453ed2e2b49)

This script is Copyright (C) 2016 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing one or more security-related

Description :

The Pillow maintainers report :

If a large value was passed into the new size for an image, it is
possible to overflow an int32 value passed into malloc, leading the
malloc'd buffer to be undersized. These allocations are followed by
a loop that writes out of bounds. This can lead to corruption on the
heap of the Python process with attacker controlled float data.

This issue was found by Ned Williamson.
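
The arithmetic failure described in the report, as an added C example that is not Pillow's Resample.c code and not part of the advisory. The function names and the out_size/kmax parameters are assumptions made for illustration; the block models a 32-bit byte count wrapping to a small value, beside an allocator that rejects the request before calling malloc.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Models the flaw: the byte count is computed in 32 bits and silently wraps.
   Unsigned arithmetic is used so the wraparound is well defined in C. */
static uint32_t unchecked_size32(uint32_t out_size, uint32_t kmax, uint32_t elem)
{
    return out_size * kmax * elem;
}

/* Hardened form: every multiplication is checked against INT32_MAX first.
   Returns 0 and stores the byte count, or -1 if it cannot be represented. */
static int checked_size32(int32_t out_size, int32_t kmax, int32_t elem, int32_t *bytes)
{
    if (out_size <= 0 || kmax <= 0 || elem <= 0)
        return -1;
    if (out_size > INT32_MAX / kmax)
        return -1;
    if (out_size * kmax > INT32_MAX / elem)
        return -1;
    *bytes = out_size * kmax * elem;
    return 0;
}

/* Hypothetical allocator for a float coefficient table: refuses oversized requests. */
static float *alloc_coeffs(int32_t out_size, int32_t kmax)
{
    int32_t bytes;
    if (checked_size32(out_size, kmax, (int32_t)sizeof(float), &bytes) != 0)
        return NULL;
    return malloc((size_t)bytes);
}

int main(void)
{
    int32_t huge = 0x40000001; /* constructed sample: requested output size */
    printf("elements requested: %ld\n", (long)huge);
    printf("32-bit byte count:  %lu\n", (unsigned long)unchecked_size32((uint32_t)huge, 1, 4));
    float *p = alloc_coeffs(huge, 1);
    printf("checked allocation: %s\n", p ? "granted" : "refused");
    free(p);
    return 0;
}
```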

See also :

Solution :

Update the affected packages.

Risk factor :


Family: FreeBSD Local Security Checks

Nessus Plugin ID: 88665

Bugtraq ID:

