Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-14175

Опубликовано: 07 сент. 2017
Источник: nvd
CVSS3: 6.5
CVSS2: 7.1
EPSS Низкий

Описание

In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:imagemagick:imagemagick:7.0.6-1:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 68%
0.00579
Низкий

6.5 Medium

CVSS3

7.1 High

CVSS2

Дефекты

CWE-834

Связанные уязвимости

ubuntu логотип

CVE-2017-14175

CVSS3: 6.5
ubuntu
почти 8 лет назад

In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop.

redhat логотип

CVE-2017-14175

CVSS3: 3.3
redhat
почти 8 лет назад

In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop.

debian логотип

CVE-2017-14175

CVSS3: 6.5
debian
почти 8 лет назад

In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() du ...

github логотип

GHSA-2g4j-2xqp-4hq5

CVSS3: 6.5
github
больше 3 лет назад

In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop.

fstec логотип

BDU:2017-02082

CVSS3: 6.5
fstec
почти 8 лет назад

Уязвимость функции ReadXBMImage (coders/xbm.c) консольного графического редактора ImageMagick, позволяющая нарушителю вызвать расход вычислительных ресурсов и отказ в обслуживании системы

EPSS

Процентиль: 68%
0.00579
Низкий

6.5 Medium

CVSS3

7.1 High

CVSS2

Дефекты

CWE-834