Описание
In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.3.28-2ubuntu0.1 |
| cosmic | ignored | end of life |
| devel | not-affected | 1.4~hg15873-1 |
| disco | not-affected | 1.4~hg15873-1 |
| eoan | not-affected | 1.4~hg15873-1 |
| esm-apps/bionic | released | 1.3.28-2ubuntu0.1 |
| esm-apps/focal | not-affected | 1.4~hg15873-1 |
| esm-apps/jammy | not-affected | 1.4~hg15873-1 |
| esm-apps/noble | not-affected | 1.4~hg15873-1 |
| esm-apps/xenial | needed |
Показывать по
2.6 Low
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits.
In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there ...
In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits.
Уязвимость функции ReadBMPImage графического редактора GraphicsMagick, связанная с чтение за границами буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании
2.6 Low
CVSS2
5.3 Medium
CVSS3