CVE-2017-14248

Опубликовано: 11 сент. 2017

Источник: debian

Описание

A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
imagemagick	not-affected			package

Примечания

https://github.com/ImageMagick/ImageMagick/issues/717
https://github.com/ImageMagick/ImageMagick/commit/c5402b6e0fcf8b694ae2af6a6652ebb8ce0ccf46

Связанные уязвимости

CVE-2017-14248

CVSS3: 6.5

ubuntu

больше 8 лет назад

A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file.

CVE-2017-14248

CVSS3: 3.3

redhat

больше 8 лет назад

A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file.

CVE-2017-14248

CVSS3: 6.5

nvd

больше 8 лет назад

A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file.

GHSA-33wr-mxv7-p2hc

CVSS3: 6.5

github

больше 3 лет назад

A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file.