Description
The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 use the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the processes.
References (7)
Third Party Advisory (vendor-advisory, x_refsource_gentoo): https://security.gentoo.org/glsa/201612-52
Mailing List (mailing-list, x_refsource_mlist): http://www.openwall.com/lists/oss-security/2014/02/10/15
Exploit, Patch (x_refsource_confirm): https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7
Mailing List (mailing-list, x_refsource_mlist): http://www.openwall.com/lists/oss-security/2014/02/11/1
Vendor Advisory (vendor-advisory, x_refsource_ubuntu): http://www.ubuntu.com/usn/USN-2168-1
Mailing List (vendor-advisory, x_refsource_suse): http://lists.opensuse.org/opensuse-updates/2014-05/msg00002.html
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/65513
Scores
EPSS: 0.0011 (percentile 29.0%)
Details
CWE
CWE-264
Status
published
Products (3)
pypi/pillow: 0 - 2.3.1 (PyPI)
python/pillow: < 2.3.0
pythonware/python_imaging_library: < 1.1.7
Published
Apr 17, 2014
Tracked Since
Feb 18, 2026