CVE-2017-13769

Опубликовано: 30 авг. 2017

Источник: debian

Описание

The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
imagemagick	fixed	8:6.9.9.34+dfsg-3		package

Примечания

https://github.com/ImageMagick/ImageMagick/issues/705
https://github.com/ImageMagick/ImageMagick/commit/45d342155b5e9b83904c695411d20f33cf9b524c
ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/457e63263de6f732785608504b6e607799ad3dd5
Extra checks:
https://github.com/ImageMagick/ImageMagick/commit/5a3897693a8b4e97add649c0ca1d538bd90f59c9
ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/abb9d1322317733b799e8b87b2e346b3038f3260

Связанные уязвимости

CVE-2017-13769

CVSS3: 6.5

ubuntu

больше 8 лет назад

The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.

CVE-2017-13769

CVSS3: 4.4

redhat

больше 8 лет назад

The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.

CVE-2017-13769

CVSS3: 6.5

nvd

больше 8 лет назад

The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.

GHSA-85pw-3h95-6vc4

CVSS3: 6.5

github

больше 3 лет назад

The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.

SUSE-SU-2017:3378-1

suse-cvrf

около 8 лет назад

Security update for ImageMagick