Oracle Solaris Third-Party Patch Update : py_pil (cve_2014_3589_input_validation)
Medium Nessus Plugin ID 80747
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size. (CVE-2014-3589)
SolutionUpgrade to Solaris 188.8.131.52.0.