CVE-2017-9500

Опубликовано: 07 июн. 2017

Источник: debian

EPSS Низкий

Описание

In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a denial of service via a crafted file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
imagemagick	fixed	8:6.9.7.4+dfsg-13		package

Примечания

https://github.com/ImageMagick/ImageMagick/issues/500
Fixed by: https://github.com/ImageMagick/ImageMagick/commit/5d95b4c24a964114e2b1ae85c2b36769251ed11d
Fixed by (6.x): https://github.com/ImageMagick/ImageMagick/commit/837085e7725f6eb591eb019e299c1ddcf34b9a79

EPSS

Процентиль: 62%

0.00429

Низкий

Связанные уязвимости

CVE-2017-9500

CVSS3: 6.5

ubuntu

больше 8 лет назад

In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a denial of service via a crafted file.

CVE-2017-9500

CVSS3: 3.3

redhat

больше 8 лет назад

In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a denial of service via a crafted file.

CVE-2017-9500

CVSS3: 6.5

nvd

больше 8 лет назад

In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a denial of service via a crafted file.

GHSA-mj6m-v94q-rh38

CVSS3: 6.5

github

больше 3 лет назад

In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a denial of service via a crafted file.

SUSE-SU-2018:0880-1

suse-cvrf

почти 8 лет назад

Security update for ImageMagick

EPSS

Процентиль: 62%

0.00429

Низкий