FreeBSD : Pillow -- multiple vulnerabilities (bc4898d5-a794-11e6-b2d3-60a44ce6887b)

high Nessus Plugin ID 95513

Language:

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

Pillow reports :

Pillow prior to 3.3.2 may experience integer overflow errors in map.c when reading specially crafted image files. This may lead to memory disclosure or corruption.

Pillow prior to 3.3.2 and PIL 1.1.7 (at least) do not check for negative image sizes in ImagingNew in Storage.c. A negative image size can lead to a smaller allocation than expected, leading to arbi trary writes.

Solution

Update the affected packages.

See Also

https://pillow.readthedocs.io/en/3.4.x/releasenotes/3.3.2.html

https://github.com/python-pillow/Pillow/issues/2105

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214410

http://www.nessus.org/u?1cd0e36a

Plugin Details

Severity: High

ID: 95513

File Name: freebsd_pkg_bc4898d5a79411e6b2d360a44ce6887b.nasl

Version: 3.4

Type: local

Published: 12/5/2016

Updated: 1/4/2021

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:py27-pillow, p-cpe:/a:freebsd:freebsd:py33-pillow, p-cpe:/a:freebsd:freebsd:py34-pillow, p-cpe:/a:freebsd:freebsd:py35-pillow, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 12/4/2016

Vulnerability Publication Date: 9/6/2016

Reference Information

CVE: CVE-2016-9189, CVE-2016-9190