CVE-2016-4009 in Pillowinfo

Summary

Integer overflow in the ImagingResampleHorizontal function in libImaging/Resample.c in Pillow before 3.1.1 allows remote attackers to have unspecified impact via negative values of the new size, which triggers a heap-based buffer overflow.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

04/13/2016

Disclosure

04/13/2016

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-119 (Confirmed)

CVSS

9.8

EPSS

0.05263

CTI

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-4009
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-4009
CVE Details	https://www.cvedetails.com/cve/CVE-2016-4009/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!