Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-15141

Опубликовано: 28 апр. 2019
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5ImageMagickOut of support scope
Red Hat Enterprise Linux 6ImageMagickOut of support scope
Red Hat Enterprise Linux 7autotraceFixedRHSA-2020:118031.03.2020
Red Hat Enterprise Linux 7emacsFixedRHSA-2020:118031.03.2020
Red Hat Enterprise Linux 7ImageMagickFixedRHSA-2020:118031.03.2020
Red Hat Enterprise Linux 7inkscapeFixedRHSA-2020:118031.03.2020

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-119->CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1767802ImageMagick: heap-based buffer overflow in WriteTIFFImage in coders/tiff.c

EPSS

Процентиль: 26%
0.00088
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-15141

CVSS3: 6.5
ubuntu
почти 6 лет назад

WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597.

nvd логотип

CVE-2019-15141

CVSS3: 6.5
nvd
почти 6 лет назад

WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597.

debian логотип

CVE-2019-15141

CVSS3: 6.5
debian
почти 6 лет назад

WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows att ...

github логотип

GHSA-25x5-8pr2-jjhj

CVSS3: 6.5
github
около 3 лет назад

WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597.

suse-cvrf логотип

SUSE-SU-2019:2785-2

suse-cvrf
больше 5 лет назад

Security update for ImageMagick

EPSS

Процентиль: 26%
0.00088
Низкий

5.5 Medium

CVSS3