CVE-2021-3610

Published: 24 Feb 2022
Source: debian
EPSS: Low

Description

A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation fault.

Packages

| Package | Status | Fixed version | Release | Type |
|---|---|---|---|---|
| imagemagick | fixed | 8:6.9.12.20+dfsg1-1 | experimental | package |
| imagemagick | fixed | 8:6.9.12.98+dfsg1-2 | | package |
| imagemagick | not-affected | | buster | package |

Notes

  • https://github.com/ImageMagick/ImageMagick/commit/930ff0d1a9bc42925a7856e9ea53f5fc9f318bf3

  • ImageMagick6 prerequisite for <= 6.9.10-92: https://github.com/ImageMagick/ImageMagick6/commit/2d96228eec9fbea62ddb6c1450fa8d43e2c6b68a

  • ImageMagick6 prerequisite for <= 6.9.11-10: https://github.com/ImageMagick/ImageMagick6/commit/7374894385161859ffbb84e280fcc89e7ae257e4

  • ImageMagick6 prerequisite for <= 6.9.11-54: https://github.com/ImageMagick/ImageMagick6/commit/cdb67005376bcc8cbb0b743fb22787794cd30ebc

  • ImageMagick6 [1/2]: https://github.com/ImageMagick/ImageMagick6/commit/b307bcadcdf6ea6819951ac1786b7904f27b25c6 (6.9.12-14)

  • ImageMagick6 [2/2]: https://github.com/ImageMagick/ImageMagick6/commit/c75ae771a00c38b757c5ef4b424b51e761b02552 (6.9.12-14)

  • Introduced by (Support 32-bit tiles TIFF images): https://github.com/ImageMagick/ImageMagick6/commit/b874d50070557eb98bdc6a3095ef4769af583dd2 (6.9.10-88)

EPSS

Percentile: 31%
0.00113
Low

Related vulnerabilities

CVSS3: 7.5
ubuntu
more than 3 years ago

A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation fault.

CVSS3: 5.3
redhat
about 4 years ago

A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation fault.

CVSS3: 7.5
nvd
more than 3 years ago

A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation fault.

CVSS3: 7.5
github
more than 3 years ago

A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation fault.

CVSS3: 7.5
fstec
more than 1 year ago

A vulnerability in the ReadTIFFImage() function of the ImageMagick command-line image editor that allows an attacker to cause a denial of service
