CVE-2016-0740

NameCVE-2016-0740
DescriptionBuffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-3499-1
NVD severitymedium (attack range: remote)
Debian Bugs813905

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
pillow (PTS)jessie (security), jessie2.6.1-2+deb8u3fixed
stretch4.0.0-4fixed
buster4.2.1-1fixed
sid4.3.0-1fixed
python-imaging (PTS)wheezy1.1.7-4+deb7u2fixed
wheezy (security)1.1.7-4+deb7u3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
pillowsource(unstable)3.1.1-1medium813905
pillowsourcejessie2.6.1-2+deb8u2mediumDSA-3499-1
python-imagingsource(unstable)(not affected)

Notes

- python-imaging <not-affected> (Vulnerable code introduce in 2.0.0)
Issue when linked against libtiff >= 4.0.0
Fixed by: https://github.com/python-pillow/Pillow/commit/6dcbf5bd96b717c58d7b642949da8d323099928e (3.1.1)
Introduced by: https://github.com/python-pillow/Pillow/commit/e782fe721e0156de9636e78cd881d9f9e7e6ce50 (2.0.0)

Search for package or bug name: Reporting problems