Описание
In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 8:6.9.7.4+dfsg-12ubuntu1 |
| esm-infra-legacy/trusty | released | 8:6.7.7.10-6ubuntu3.8 |
| esm-infra/xenial | released | 8:6.8.9.9-7ubuntu5.8 |
| precise/esm | DNE | |
| trusty | released | 8:6.7.7.10-6ubuntu3.8 |
| trusty/esm | released | 8:6.7.7.10-6ubuntu3.8 |
| upstream | released | 8:6.9.7.4+dfsg-12 |
| vivid/ubuntu-core | DNE | |
| xenial | released | 8:6.8.9.9-7ubuntu5.8 |
| yakkety | ignored | end of life |
Показывать по
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c.
In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c.
In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextTo ...
In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c.
6.8 Medium
CVSS2
8.8 High
CVSS3