Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-14174

Опубликовано: 07 сент. 2017
Источник: redhat
CVSS3: 3.3

Описание

In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5ImageMagickWill not fix
Red Hat Enterprise Linux 6ImageMagickWill not fix
Red Hat Enterprise Linux 7ImageMagickWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=1489705ImageMagick: Lack of EOF check in the ReadPSDLayersInternal() function

3.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-14174

CVSS3: 6.5
ubuntu
больше 8 лет назад

In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.

nvd логотип

CVE-2017-14174

CVSS3: 6.5
nvd
больше 8 лет назад

In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.

debian логотип

CVE-2017-14174

CVSS3: 6.5
debian
больше 8 лет назад

In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInte ...

github логотип

GHSA-x8gv-j25j-89qm

CVSS3: 6.5
github
больше 3 лет назад

In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.

fstec логотип

BDU:2017-02083

CVSS3: 6.5
fstec
больше 8 лет назад

Уязвимость функции ReadPSDLayersInternal (coders/psd.c) консольного графического редактора ImageMagick, позволяющая нарушителю вызвать отказ в обслуживании

3.3 Low

CVSS3