CVE-2017-11448

Опубликовано: 21 июл. 2017

Источник: redhat

CVSS3: 3.3

Описание

The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	ImageMagick	Will not fix
Red Hat Enterprise Linux 6	ImageMagick	Will not fix
Red Hat Enterprise Linux 7	ImageMagick	Will not fix
Red Hat OpenShift Enterprise 2	ImageMagick	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-200

https://bugzilla.redhat.com/show_bug.cgi?id=1473801ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function

3.3 Low

CVSS3

Связанные уязвимости

CVE-2017-11448

CVSS3: 6.5

ubuntu

больше 8 лет назад

The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.

CVE-2017-11448

CVSS3: 6.5

nvd

больше 8 лет назад

The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.

CVE-2017-11448

CVSS3: 6.5

debian

больше 8 лет назад

The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0. ...

GHSA-x5g7-x436-6437

CVSS3: 6.5

github

больше 3 лет назад

The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.

SUSE-SU-2018:0524-1

suse-cvrf

почти 8 лет назад

Security update for GraphicsMagick

3.3 Low

CVSS3