CVE-2017-11540

Опубликовано: 16 июл. 2017

Источник: redhat

CVSS3: 3.3

EPSS Низкий

Описание

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	ImageMagick	Will not fix
Red Hat Enterprise Linux 6	ImageMagick	Will not fix
Red Hat Enterprise Linux 7	ImageMagick	Will not fix
Red Hat OpenShift Enterprise 2	ImageMagick	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-122

https://bugzilla.redhat.com/show_bug.cgi?id=1474924ImageMagick: Heap buffer over-read in the GetPixelIndex() function

EPSS

Процентиль: 59%

0.00377

Низкий

3.3 Low

CVSS3

Связанные уязвимости

CVE-2017-11540

CVSS3: 6.5

ubuntu

больше 8 лет назад

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c.

CVE-2017-11540

CVSS3: 6.5

nvd

больше 8 лет назад

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c.

CVE-2017-11540

CVSS3: 6.5

debian

больше 8 лет назад

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can l ...

GHSA-6wgc-c957-5c9c

CVSS3: 6.5

github

больше 3 лет назад

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c.

EPSS

Процентиль: 59%

0.00377

Низкий

3.3 Low

CVSS3