Arbitrary Code Execution Vulnerability in Pillow (CVE-2017-8299)
CVE-2016-9190 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component.
Learn more about our Web Application Penetration Testing UK.