gsd-2014-1933
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 uses the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the processes.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2014-1933",
"description": "The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 uses the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the processes.",
"id": "GSD-2014-1933",
"references": [
"https://www.suse.com/security/cve/CVE-2014-1933.html",
"https://advisories.mageia.org/CVE-2014-1933.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2014-1933"
],
"details": "The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 uses the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the processes.",
"id": "GSD-2014-1933",
"modified": "2023-12-13T01:22:51.304477Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1933",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 uses the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the processes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201612-52",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-52"
},
{
"name": "[oss-security] 20140210 CVE requests: Pacemaker, Python Imaging Library, eyeD3, 9base, rc, Gamera, RPLY - insecure use of /tmp",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/02/10/15"
},
{
"name": "https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7",
"refsource": "CONFIRM",
"url": "https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7"
},
{
"name": "[oss-security] 20140210 Re: CVE requests: Pacemaker, Python Imaging Library, eyeD3, 9base, rc, Gamera, RPLY - insecure use of /tmp",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/02/11/1"
},
{
"name": "USN-2168-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2168-1"
},
{
"name": "openSUSE-SU-2014:0591",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00002.html"
},
{
"name": "65513",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65513"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c2.3.1",
"affected_versions": "All versions before 2.3.1",
"credit": "Jakub Wilk",
"cvss_v2": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-264",
"CWE-937"
],
"date": "2017-06-30",
"description": "In JpegImagePlugin.py, the load_jpeg(self) method generates a temporary file name and sends it to an external process. It is possible to alter the target file before it is read since the command line arguments are not kept secret.",
"fixed_versions": [
"2.3.1"
],
"identifier": "CVE-2014-1933",
"identifiers": [
"CVE-2014-1933"
],
"not_impacted": "All versions starting from 2.3.1",
"package_slug": "pypi/Pillow",
"pubdate": "2014-04-17",
"solution": "Upgrade to version 2.3.1 or above.",
"title": "Temporary file name leakage",
"urls": [
"http://seclists.org/oss-sec/2014/q1/310",
"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737059"
],
"uuid": "09f01325-f3e8-4153-9bc5-537330ffa30f"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pythonware:python_imaging_library:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.7",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1933"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 uses the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the processes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2168-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/USN-2168-1"
},
{
"name": "[oss-security] 20140210 CVE requests: Pacemaker, Python Imaging Library, eyeD3, 9base, rc, Gamera, RPLY - insecure use of /tmp",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2014/02/10/15"
},
{
"name": "[oss-security] 20140210 Re: CVE requests: Pacemaker, Python Imaging Library, eyeD3, 9base, rc, Gamera, RPLY - insecure use of /tmp",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2014/02/11/1"
},
{
"name": "https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7",
"refsource": "CONFIRM",
"tags": [
"Exploit",
"Patch"
],
"url": "https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7"
},
{
"name": "openSUSE-SU-2014:0591",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00002.html"
},
{
"name": "65513",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/65513"
},
{
"name": "GLSA-201612-52",
"refsource": "GENTOO",
"tags": [],
"url": "https://security.gentoo.org/glsa/201612-52"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2017-07-01T01:29Z",
"publishedDate": "2014-04-17T14:55Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.