CVE-2018-11625

Опубликовано: 30 мая 2018

Источник: redhat

CVSS3: 3.3

Описание

In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.

This issue did not affect the versions of ImageMagick as shipped with Red Hat Enterprise Linux 5, 6, and 7.

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	ImageMagick	Not affected
Red Hat Enterprise Linux 6	ImageMagick	Not affected
Red Hat Enterprise Linux 7	ImageMagick	Not affected
Red Hat Enterprise Linux 8	ImageMagick	Not affected

Показывать по

Статус:

Low

Дефект:

CWE-122

https://bugzilla.redhat.com/show_bug.cgi?id=1584904ImageMagick: heap-based buffer over-read in SetGrayscaleImage in the quantize.c

3.3 Low

CVSS3

CVE-2018-11625

CVSS3: 8.8

ubuntu

больше 7 лет назад

In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.

CVE-2018-11625

CVSS3: 8.8

nvd

больше 7 лет назад

In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.

CVE-2018-11625

CVSS3: 8.8

debian

больше 7 лет назад

In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file ...

GHSA-3ww7-w2h2-5c4x

CVSS3: 8.8

github

больше 3 лет назад

In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.

openSUSE-SU-2018:2123-1

suse-cvrf

больше 7 лет назад

Security update for ImageMagick

3.3 Low

CVSS3