CVE-2016-9190
Description
Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the crafted image file approach, related to an Insecure Sign Extension issue affecting the ImagingNew in Storage.c component.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.566
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2016-9189,CVE-2016-9190 are fixed in Python-pillow 3.3.2 | Windows |
| Python Imaging Library (USN-3229-1) python-imaging_1.1.7-4ubuntu0.12.04.3_i386.deb | Linux |
| Python Imaging Library (USN-3229-1) python-imaging_1.1.7-4ubuntu0.12.04.3_amd64.deb | Linux |
| Python Imaging Library (USN-3230-1) python-pil_2.3.0-1ubuntu3.4_i386.deb | Linux |
| Python Imaging Library (USN-3230-1) python-pil_2.3.0-1ubuntu3.4_amd64.deb | Linux |
| Python Imaging Library (USN-3230-1) python-pil_3.1.2-0ubuntu1.1_i386.deb | Linux |
| Python Imaging Library (USN-3230-1) python-pil_3.1.2-0ubuntu1.1_amd64.deb | Linux |
| Python Imaging Library (USN-3230-1) python-pil_3.3.1-1ubuntu0.1_i386.deb | Linux |
| Python Imaging Library (USN-3230-1) python-pil_3.3.1-1ubuntu0.1_amd64.deb | Linux |
| Python Imaging Library (USN-3230-1) python3-pil_2.3.0-1ubuntu3.4_i386.deb | Linux |
| Python Imaging Library (USN-3230-1) python3-pil_2.3.0-1ubuntu3.4_amd64.deb | Linux |
| Python Imaging Library (USN-3230-1) python3-pil_3.1.2-0ubuntu1.1_i386.deb | Linux |
| Python Imaging Library (USN-3230-1) python3-pil_3.1.2-0ubuntu1.1_amd64.deb | Linux |
| Python Imaging Library (USN-3230-1) python3-pil_3.3.1-1ubuntu0.1_i386.deb | Linux |
| Python Imaging Library (USN-3230-1) python3-pil_3.3.1-1ubuntu0.1_amd64.deb | Linux |
| Python Imaging Library (USN-3230-1) python-imaging_2.3.0-1ubuntu3.4_all.deb | Linux |
| Python Imaging Library (USN-3230-1) python-imaging_3.1.2-0ubuntu1.1_all.deb | Linux |
| Python Imaging Library (USN-3230-1) python-imaging_3.3.1-1ubuntu0.1_all.deb | Linux |
| Python Imaging Library (USN-3230-1) python3-imaging_2.3.0-1ubuntu3.4_all.deb | Linux |
| Vulnerabilities CVE-2016-9189,CVE-2016-9190 are fixed in Python-pillow for linux 3.3.2 | Linux |
| Improper Access Control Vulnerability (CVE-2016-9190) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234