Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-14505

Опубликовано: 17 сент. 2017
Источник: redhat
CVSS3: 3.3
EPSS Низкий

Описание

DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5ImageMagickNot affected
Red Hat Enterprise Linux 6ImageMagickNot affected
Red Hat Enterprise Linux 7ImageMagickNot affected
Red Hat OpenShift Enterprise 2ImageMagickNot affected

Показывать по

Дополнительная информация

Статус:

Low
Дефект:
CWE-119
https://bugzilla.redhat.com/show_bug.cgi?id=1494540ImageMagick: Null pointer dereference in DrawGetStrokeDashArray function in wand/drawing-wand.c

EPSS

Процентиль: 56%
0.00334
Низкий

3.3 Low

CVSS3

Связанные уязвимости

CVSS3: 6.5
ubuntu
почти 8 лет назад

DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input.

CVSS3: 6.5
nvd
почти 8 лет назад

DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input.

CVSS3: 6.5
debian
почти 8 лет назад

DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 m ...

CVSS3: 6.5
github
больше 3 лет назад

DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input.

CVSS3: 6.5
fstec
почти 8 лет назад

Уязвимость функции DrawGetStrokeDashArray компонента wand/drawing-wand.c консольного графического редактора ImageMagick, связанная с разыменованием нулевого указателя, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 56%
0.00334
Низкий

3.3 Low

CVSS3