Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-7275

Опубликовано: 27 мар. 2017
Источник: debian

Описание

The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
imagemagickunfixedpackage

Примечания

  • https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/

  • https://github.com/ImageMagick/ImageMagick/issues/271

  • Furthermore: upstream is not able to reproduce the problem as well

  • The problem result in a memory allocation issue when compiled with ASAN

  • but unreproducible from unstream. Since no more details can be provided

  • and the issue not addressed, treat this as "non-issue" (and thus marked

  • unimportant). If in future details can be elaborated by the reporter

  • we might re-evaluate this entry.

Связанные уязвимости

ubuntu логотип

CVE-2017-7275

CVSS3: 5.5
ubuntu
почти 9 лет назад

The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.

redhat логотип

CVE-2017-7275

CVSS3: 3.3
redhat
почти 9 лет назад

The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.

nvd логотип

CVE-2017-7275

CVSS3: 5.5
nvd
почти 9 лет назад

The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.

github логотип

GHSA-5rcv-qr5q-7p43

CVSS3: 5.5
github
больше 3 лет назад

The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.