Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-16352

Опубликовано: 01 нояб. 2017
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 6.8
CVSS3: 8.8

Описание

GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted MIFF format file with the verbose flag.

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

1.3.26-17
cosmic

not-affected

1.3.26-17
devel

not-affected

1.3.26-17
disco

not-affected

1.3.26-17
eoan

not-affected

1.3.26-17
esm-apps/bionic

not-affected

1.3.26-17
esm-apps/focal

not-affected

1.3.26-17
esm-apps/jammy

not-affected

1.3.26-17
esm-apps/xenial

released

1.3.23-1ubuntu0.4

Показывать по

Ссылки на источники

EPSS

Процентиль: 97%
0.3137
Средний

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2017-16352

CVSS3: 3.3
redhat
больше 8 лет назад

GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted MIFF format file with the verbose flag.

nvd логотип

CVE-2017-16352

CVSS3: 8.8
nvd
больше 8 лет назад

GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted MIFF format file with the verbose flag.

debian логотип

CVE-2017-16352

CVSS3: 8.8
debian
больше 8 лет назад

GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vu ...

github логотип

GHSA-fhvj-crp7-xfjw

CVSS3: 8.8
github
больше 3 лет назад

GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted MIFF format file with the verbose flag.

fstec логотип

BDU:2019-04108

CVSS3: 8.8
fstec
больше 8 лет назад

Уязвимость функции ReadOneJNGImage (coders/png.c) кроссплатформенной библиотеки для работы с графикой GraphicsMagick, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 97%
0.3137
Средний

6.8 Medium

CVSS2

8.8 High

CVSS3

Уязвимость CVE-2017-16352