CVE-2017-13144

Опубликовано: 23 авг. 2017

Источник: redhat

CVSS3: 3.3

EPSS Низкий

Описание

In ImageMagick before 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" error report) if the image dimensions are too large, as demonstrated by use of the mpc coder.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	ImageMagick	Will not fix
Red Hat Enterprise Linux 6	ImageMagick	Will not fix
Red Hat Enterprise Linux 7	ImageMagick	Will not fix
Red Hat OpenShift Enterprise 2	ImageMagick	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-20

https://bugzilla.redhat.com/show_bug.cgi?id=1486802ImageMagick: Improper size validation in ReadJPEGImage function in error/jpeg.c

EPSS

Процентиль: 47%

0.00243

Низкий

3.3 Low

CVSS3

Связанные уязвимости

CVE-2017-13144

CVSS3: 6.5

ubuntu

больше 8 лет назад

In ImageMagick before 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" error report) if the image dimensions are too large, as demonstrated by use of the mpc coder.

CVE-2017-13144

CVSS3: 6.5

nvd

больше 8 лет назад

In ImageMagick before 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" error report) if the image dimensions are too large, as demonstrated by use of the mpc coder.

CVE-2017-13144

CVSS3: 6.5

debian

больше 8 лет назад

In ImageMagick before 6.9.7-10, there is a crash (rather than a "width ...

GHSA-2hh9-vfrm-8f6w

CVSS3: 6.5

github

больше 3 лет назад

In ImageMagick before 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" error report) if the image dimensions are too large, as demonstrated by use of the mpc coder.

EPSS

Процентиль: 47%

0.00243

Низкий

3.3 Low

CVSS3