Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-15607

Опубликовано: 21 авг. 2018
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 7.1
CVSS3: 6.5

Описание

In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.

РелизСтатусПримечание
bionic

released

8:6.9.7.4+dfsg-16ubuntu6.7
cosmic

released

8:6.9.10.8+dfsg-1ubuntu2.2
devel

not-affected

8:6.9.10.14+dfsg-7ubuntu2
disco

not-affected

8:6.9.10.14+dfsg-7ubuntu2
esm-apps/focal

not-affected

8:6.9.10.14+dfsg-7ubuntu2
esm-apps/jammy

not-affected

8:6.9.10.14+dfsg-7ubuntu2
esm-apps/noble

not-affected

8:6.9.10.14+dfsg-7ubuntu2
esm-infra-legacy/trusty

needed

esm-infra/bionic

not-affected

8:6.9.7.4+dfsg-16ubuntu6.7
esm-infra/xenial

not-affected

8:6.8.9.9-7ubuntu5.14

Показывать по

Ссылки на источники

EPSS

Процентиль: 74%
0.00874
Низкий

7.1 High

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-15607

CVSS3: 5.3
redhat
почти 7 лет назад

In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.

nvd логотип

CVE-2018-15607

CVSS3: 6.5
nvd
почти 7 лет назад

In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.

debian логотип

CVE-2018-15607

CVSS3: 6.5
debian
почти 7 лет назад

In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x3 ...

github логотип

GHSA-w9f3-hh6v-j26p

CVSS3: 6.5
github
около 3 лет назад

In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.

oracle-oval логотип

ELSA-2020-1180

oracle-oval
больше 5 лет назад

ELSA-2020-1180: ImageMagick security, bug fix, and enhancement update (MODERATE)

EPSS

Процентиль: 74%
0.00874
Низкий

7.1 High

CVSS2

6.5 Medium

CVSS3