CVE-2018-18023

Опубликовано: 05 окт. 2018

Источник: redhat

CVSS3: 3.3

Описание

In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file.

Отчет

This issue did not affect the versions of ImageMagick as shipped with Red Hat Enterprise Linux 5, 6, and 7.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	ImageMagick	Not affected
Red Hat Enterprise Linux 6	ImageMagick	Not affected
Red Hat Enterprise Linux 7	ImageMagick	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-122

https://bugzilla.redhat.com/show_bug.cgi?id=1637186ImageMagick: heap-based buffer over-read in the SVGStripString function of coders/svg.c

3.3 Low

CVSS3

Связанные уязвимости

CVE-2018-18023

CVSS3: 6.5

ubuntu

больше 7 лет назад

In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file.

CVE-2018-18023

CVSS3: 6.5

nvd

больше 7 лет назад

In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file.

CVE-2018-18023

CVSS3: 6.5

debian

больше 7 лет назад

In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in ...

GHSA-4m78-fr6r-52pp

CVSS3: 6.5

github

больше 3 лет назад

In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file.

3.3 Low

CVSS3