CVE-2017-17879

Опубликовано: 24 дек. 2017

Источник: redhat

CVSS3: 3.3

EPSS Низкий

Описание

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	ImageMagick	Will not fix
Red Hat Enterprise Linux 6	ImageMagick	Will not fix
Red Hat Enterprise Linux 7	ImageMagick	Will not fix
Red Hat Enterprise Linux 8	ImageMagick	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=1529170ImageMagick: Heap-based buffer over-read in ReadOneMNGImage function in coders/png.c

EPSS

Процентиль: 80%

0.01443

Низкий

3.3 Low

CVSS3

Связанные уязвимости

CVE-2017-17879

CVSS3: 8.8

ubuntu

около 8 лет назад

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.

CVE-2017-17879

CVSS3: 8.8

nvd

около 8 лет назад

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.

CVE-2017-17879

CVSS3: 8.8

debian

около 8 лет назад

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based b ...

GHSA-r86g-g8qv-wvcr

CVSS3: 8.8

github

больше 3 лет назад

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.

SUSE-SU-2018:0350-1

suse-cvrf

около 8 лет назад

Security update for ImageMagick

EPSS

Процентиль: 80%

0.01443

Низкий

3.3 Low

CVSS3