{"id":"CVE-2016-2533","details":"Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PhotoCD file.","aliases":["GHSA-3c5c-7235-994j","PYSEC-2016-19"],"modified":"2026-04-07T18:41:11.709792018Z","published":"2016-04-13T16:59:14.600Z","related":["SUSE-SU-2019:2334-1","SUSE-SU-2020:1194-1"],"references":[{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2016/02/02/5"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2016/02/22/2"},{"type":"WEB","url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"},{"type":"ADVISORY","url":"http://www.debian.org/security/2016/dsa-3499"},{"type":"ADVISORY","url":"https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201612-52"},{"type":"FIX","url":"https://github.com/python-pillow/Pillow/commit/5bdf54b5a76b54fb00bd05f2d733e0a4173eefc9#diff-8ff6909c159597e22288ad818938fd6b"},{"type":"FIX","url":"https://github.com/python-pillow/Pillow/commit/ae453aa18b66af54e7ff716f4ccb33adca60afd4#diff-8ff6909c159597e22288ad818938fd6b"},{"type":"FIX","url":"https://github.com/python-pillow/Pillow/pull/1706"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/python-pillow/Pillow","events":[{"introduced":"0"},{"last_affected":"fff5536b37c2d619c66c1189b6925fa0a8df3822"},{"introduced":"0"},{"last_affected":"1cecf08d16509c20473766b4cdb7a65169844819"},{"introduced":"0"},{"last_affected":"235a7d6d7deab9555dc2c1b42fdf11243f6080e8"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.1.0"},{"introduced":"0"},{"last_affected":"7.0"},{"introduced":"0"},{"last_affected":"8.0"}]}},{"type":"GIT","repo":"https://github.com/python-pillow/pillow","events":[{"introduced":"0"},{"fixed":"5bdf54b5a76b54fb00bd05f2d733e0a4173eefc9"},{"fixed":"ae453aa18b66af54e7ff716f4ccb33adca60afd4"}]}],"versions":["1.0","1.2","1.7.6","1.7.7","1.7.8","2.0.0","2.1.0","2.2.0","2.2.1","2.2.2","2.3.0","2.5.0","2.6.0","2.6.0-rc1","2.7.0","2.8.0","2.8.1","2.9.0","2.9.0.dev0","2.9.0.dev1","2.9.0.dev2","3.0.0","3.1.0","3.1.0-rc1"],"database_specific":{"vanir_signatures":[{"target":{"file":"libImaging/PcdDecode.c"},"id":"CVE-2016-2533-8b4ca020","source":"https://github.com/python-pillow/pillow/commit/ae453aa18b66af54e7ff716f4ccb33adca60afd4","signature_type":"Line","deprecated":false,"digest":{"line_hashes":["243576619890553771933049052307961487112","159213527502674527969643437745726801554","45146649394448460556352801206302482404","53128559915082015387888206077850571244","105545442111552753224521131184882741405","159213527502674527969643437745726801554","45146649394448460556352801206302482404","53128559915082015387888206077850571244"],"threshold":0.9},"signature_version":"v1"},{"target":{"function":"ImagingPcdDecode","file":"libImaging/PcdDecode.c"},"source":"https://github.com/python-pillow/pillow/commit/ae453aa18b66af54e7ff716f4ccb33adca60afd4","signature_type":"Function","id":"CVE-2016-2533-98c38d44","deprecated":false,"digest":{"function_hash":"168762087425834242494109050733475827334","length":1022},"signature_version":"v1"},{"target":{"file":"libImaging/PcdDecode.c"},"signature_type":"Line","id":"CVE-2016-2533-a27dff82","source":"https://github.com/python-pillow/pillow/commit/5bdf54b5a76b54fb00bd05f2d733e0a4173eefc9","deprecated":false,"signature_version":"v1","digest":{"line_hashes":["243576619890553771933049052307961487112","159213527502674527969643437745726801554","45146649394448460556352801206302482404","53128559915082015387888206077850571244","105545442111552753224521131184882741405","159213527502674527969643437745726801554","45146649394448460556352801206302482404","53128559915082015387888206077850571244"],"threshold":0.9}},{"target":{"function":"ImagingPcdDecode","file":"libImaging/PcdDecode.c"},"signature_type":"Function","id":"CVE-2016-2533-f60f3dd6","source":"https://github.com/python-pillow/pillow/commit/5bdf54b5a76b54fb00bd05f2d733e0a4173eefc9","deprecated":false,"signature_version":"v1","digest":{"function_hash":"168762087425834242494109050733475827334","length":1022}}],"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.1.7"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-2533.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}