Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-14739

Опубликовано: 26 сент. 2017
Источник: debian

Описание

The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
imagemagickfixed8:6.9.9.34+dfsg-3package

Примечания

  • https://github.com/ImageMagick/ImageMagick/issues/780

  • https://github.com/ImageMagick/ImageMagick/commit/6017a80fe8327fefb77fa677d81154db2b857d1d

  • ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/700fcf95b2c3f554dfbe75833b91f19dde208089

  • Requires additional fixes:

  • https://github.com/ImageMagick/ImageMagick/commit/bbc582d5439a7f9338c6bdc8c34b1ae221ae5214

  • ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/67a633df9386704f45d1ad24f7f5af8a5d11f4a3

Связанные уязвимости

ubuntu логотип

CVE-2017-14739

CVSS3: 7.5
ubuntu
больше 8 лет назад

The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors.

redhat логотип

CVE-2017-14739

CVSS3: 3.3
redhat
больше 8 лет назад

The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors.

nvd логотип

CVE-2017-14739

CVSS3: 7.5
nvd
больше 8 лет назад

The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors.

github логотип

GHSA-rr89-5f32-2jmj

CVSS3: 7.5
github
больше 3 лет назад

The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors.

fstec логотип

BDU:2021-03369

CVSS3: 7.5
fstec
больше 8 лет назад

Уязвимость функции AcquireResampleFilterThreadSet компонента magick/resample-private.h консольного графического редактора ImageMagick, связанная с разыменованием нулевого указателя, позволяющая нарушителю вызвать отказ в обслуживании