CVE-2015-8903

Опубликовано: 27 фев. 2017

Источник: debian

Описание

The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
imagemagick	fixed	8:6.9.1.2-1	experimental	package
imagemagick	fixed	8:6.8.9.9-6		package
imagemagick	fixed	8:6.8.9.9-5+deb8u1	jessie	package
imagemagick	no-dsa		squeeze	package

Примечания

https://www.openwall.com/lists/oss-security/2015/02/20/4
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26933
http://web.archive.org/web/20150428140926/http://trac.imagemagick.org/changeset/17856

Связанные уязвимости

CVE-2015-8903

CVSS3: 6.5

ubuntu

почти 9 лет назад

The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.

CVE-2015-8903

redhat

почти 11 лет назад

The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.

CVE-2015-8903

CVSS3: 6.5

nvd

почти 9 лет назад

The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.

GHSA-chrm-v6g8-h3f6

CVSS3: 6.5

github

больше 3 лет назад

The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.

SUSE-SU-2016:1783-1

suse-cvrf

больше 9 лет назад

Security update for GraphicsMagick