Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-11722

Опубликовано: 28 июл. 2017
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 6.5

Описание

The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This resulted in a logging statement executing outside of a loop, and consequently using an invalid array index corresponding to the loop's exit condition.

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

1.3.26-4
cosmic

not-affected

1.3.26-4
devel

not-affected

1.3.26-4
disco

not-affected

1.3.26-4
eoan

not-affected

1.3.26-4
esm-apps/bionic

not-affected

1.3.26-4
esm-apps/xenial

not-affected

code not present
esm-infra-legacy/trusty

not-affected

code not present
precise/esm

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 72%
0.00733
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2017-11722

CVSS3: 6.5
nvd
больше 8 лет назад

The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This resulted in a logging statement executing outside of a loop, and consequently using an invalid array index corresponding to the loop's exit condition.

debian логотип

CVE-2017-11722

CVSS3: 6.5
debian
больше 8 лет назад

The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 ...

github логотип

GHSA-m7rp-jrcg-r626

CVSS3: 6.5
github
больше 3 лет назад

The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This resulted in a logging statement executing outside of a loop, and consequently using an invalid array index corresponding to the loop's exit condition.

fstec логотип

BDU:2019-04046

CVSS3: 6.5
fstec
больше 8 лет назад

Уязвимость функции WriteOnePNGImage (coders/png.c) кроссплатформенной библиотеки для работы с графикой GraphicsMagick, позволяющая нарушителю вызвать отказ в обслуживании

suse-cvrf логотип

openSUSE-SU-2018:0460-1

suse-cvrf
почти 8 лет назад

Security update for GraphicsMagick

EPSS

Процентиль: 72%
0.00733
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3