Описание
In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| imagemagick | fixed | 8:6.9.9.34+dfsg-3 | package | |
| imagemagick | not-affected | jessie | package | |
| imagemagick | not-affected | wheezy | package |
Примечания
https://github.com/ImageMagick/ImageMagick/issues/645
https://github.com/ImageMagick/ImageMagick/commit/90ed66889d6455a1d7f36e939977fa099e2d7ca7
ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/90ed66889d6455a1d7f36e939977fa099e2d7ca7
EPSS
Связанные уязвимости
In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file.
In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file.
In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file.
In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file.
Уязвимость функции ReadPSDLayersInternal компонента coders/psd.c консольного графического редактора ImageMagick, связанная с недостатком механизма проверки вводимых данных, позволяющая нарушителю вызвать отказ в обслуживании
EPSS