Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-27760

Опубликовано: 04 окт. 2019
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

In GammaImage() of /MagickCore/enhance.c, depending on the gamma value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses the PerceptibleReciprocal() to prevent the divide-by-zero from occurring. This flaw affects ImageMagick versions prior to ImageMagick 7.0.8-68.

In GammaImage() of /MagickCore/enhance.c, depending on the gamma value, it is possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. The patch uses the PerceptibleReciprocal() to prevent the divide-by-zero from occurring. This issue could lead to an impact on application availability.

Отчет

This flaw is out of support scope for Red Hat Enterprise Linux 5, 6, and 7. Inkscape is not affected because it no longer uses a bundled ImageMagick in Red Hat Enterprise Linux 8. For more information regarding support scopes, please see https://access.redhat.com/support/policy/updates/errata .

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5ImageMagickOut of support scope
Red Hat Enterprise Linux 6ImageMagickOut of support scope
Red Hat Enterprise Linux 7ImageMagickOut of support scope
Red Hat Enterprise Linux 8inkscapeNot affected
Red Hat Enterprise Linux 9ImageMagickAffected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-369
https://bugzilla.redhat.com/show_bug.cgi?id=1894239ImageMagick: division by zero at MagickCore/enhance.c

EPSS

Процентиль: 37%
0.00156
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-27760

CVSS3: 5.5
ubuntu
около 5 лет назад

In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses the `PerceptibleReciprocal()` to prevent the divide-by-zero from occurring. This flaw affects ImageMagick versions prior to ImageMagick 7.0.8-68.

nvd логотип

CVE-2020-27760

CVSS3: 5.5
nvd
около 5 лет назад

In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses the `PerceptibleReciprocal()` to prevent the divide-by-zero from occurring. This flaw affects ImageMagick versions prior to ImageMagick 7.0.8-68.

debian логотип

CVE-2020-27760

CVSS3: 5.5
debian
около 5 лет назад

In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` v ...

github логотип

GHSA-9v75-p4cg-f8c9

CVSS3: 5.5
github
больше 3 лет назад

In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. This could lead to an impact to application availability. The patch uses the `PerceptibleReciprocal()` to prevent the divide-by-zero from occurring. This flaw affects ImageMagick versions prior to ImageMagick 7.0.8-68.

fstec логотип

BDU:2021-03420

CVSS3: 5.3
fstec
больше 6 лет назад

Уязвимость функции GammaImage() компонента /MagickCore/enhance.c консольного графического редактора ImageMagick, связанная с делением на ноль, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 37%
0.00156
Низкий

5.5 Medium

CVSS3