CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-3007

Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possibly JpegImagePlugin.py.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.018

EPSS Ranking 82.2%

CVSS Severity

CVSS v2 Score 10.0

References

http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1932.html
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737059
http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1932.html
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737059

Products affected by CVE-2014-3007

Python » Pillow » Version: 2.3.0

cpe:2.3:a:python:pillow:2.3.0
Pythonware » Python Imaging Library » Version: 1.1.5

cpe:2.3:a:pythonware:python_imaging_library:1.1.5
Pythonware » Python Imaging Library » Version: 1.1.6

cpe:2.3:a:pythonware:python_imaging_library:1.1.6
Pythonware » Python Imaging Library » Version: 1.1.7

cpe:2.3:a:pythonware:python_imaging_library:1.1.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-3007

Products

Pricing

Contact Us