Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-14172

Опубликовано: 07 сент. 2017
Источник: nvd
CVSS3: 6.5
CVSS2: 7.1
EPSS Низкий

Описание

In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:imagemagick:imagemagick:7.0.7-0:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 68%
0.00579
Низкий

6.5 Medium

CVSS3

7.1 High

CVSS2

Дефекты

CWE-834

Связанные уязвимости

ubuntu логотип

CVE-2017-14172

CVSS3: 6.5
ubuntu
больше 8 лет назад

In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.

redhat логотип

CVE-2017-14172

CVSS3: 3.3
redhat
больше 8 лет назад

In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.

debian логотип

CVE-2017-14172

CVSS3: 6.5
debian
больше 8 лет назад

In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due ...

github логотип

GHSA-hvh3-xpr5-c2c8

CVSS3: 6.5
github
больше 3 лет назад

In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.

fstec логотип

BDU:2017-02084

CVSS3: 6.5
fstec
больше 8 лет назад

Уязвимость функции ReadPSImage (coders/ps.c) консольного графического редактора ImageMagick, позволяющая нарушителю вызвать расход вычислительных ресурсов и отказ в обслуживании

EPSS

Процентиль: 68%
0.00579
Низкий

6.5 Medium

CVSS3

7.1 High

CVSS2

Дефекты

CWE-834