Описание
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 8:6.9.7.4+dfsg-12ubuntu1 |
| esm-infra-legacy/trusty | released | 8:6.7.7.10-6ubuntu3.8 |
| esm-infra/xenial | released | 8:6.8.9.9-7ubuntu5.8 |
| precise/esm | DNE | |
| trusty | released | 8:6.7.7.10-6ubuntu3.8 |
| trusty/esm | released | 8:6.7.7.10-6ubuntu3.8 |
| upstream | released | 8:6.9.7.4+dfsg-12 |
| vivid/ubuntu-core | DNE | |
| xenial | released | 8:6.8.9.9-7ubuntu5.8 |
| yakkety | ignored | end of life |
Показывать по
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable st ...
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3