CVE-2018-12599

Опубликовано: 20 июн. 2018

Источник: debian

Описание

In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.

Пакет	Статус	Версия исправления	Релиз	Тип
imagemagick	fixed	8:6.9.10.2+dfsg-1	experimental	package
imagemagick	fixed	8:6.9.10.2+dfsg-2		package

https://github.com/ImageMagick/ImageMagick/issues/1177
https://github.com/ImageMagick/ImageMagick/commit/ae04fa4be910255e5d363edebd77adeee99a525d
ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/081f518eb9cb38e683b8b9ccb9e4ab5c52f82c2f

CVE-2018-12599

CVSS3: 8.8

ubuntu

около 7 лет назад

In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.

CVE-2018-12599

CVSS3: 5.3

redhat

около 7 лет назад

In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.

CVE-2018-12599

CVSS3: 8.8

nvd

около 7 лет назад

In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.

GHSA-3gpg-jmj2-prg2

CVSS3: 8.8

github

около 3 лет назад

In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.

BDU:2019-04306

CVSS3: 8.8

fstec

почти 7 лет назад

Уязвимость функций ReadBMPImage, WriteBMPImage консольного графического редактора ImageMagick, позволяющая нарушителю выполнить произвольный код