Описание
In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 8:6.9.7.4+dfsg-16ubuntu6.7 |
| cosmic | released | 8:6.9.10.8+dfsg-1ubuntu2.2 |
| devel | released | 8:6.9.10.23+dfsg-2.1ubuntu1 |
| disco | released | 8:6.9.10.14+dfsg-7ubuntu2.2 |
| esm-apps/focal | released | 8:6.9.10.23+dfsg-2.1ubuntu1 |
| esm-apps/jammy | released | 8:6.9.10.23+dfsg-2.1ubuntu1 |
| esm-apps/noble | released | 8:6.9.10.23+dfsg-2.1ubuntu1 |
| esm-infra-legacy/trusty | not-affected | 8:6.7.7.10-6ubuntu3.13+esm9 |
| esm-infra/bionic | not-affected | 8:6.9.7.4+dfsg-16ubuntu6.7 |
| esm-infra/xenial | not-affected | 8:6.8.9.9-7ubuntu5.14 |
Показывать по
EPSS
5.8 Medium
CVSS2
8.1 High
CVSS3
Связанные уязвимости
In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file.
In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file.
In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in ...
In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file.
Уязвимость функции WriteTIFFImage программы для чтения и редактирования графических файлов ImageMagick, связанная с чтением за границами буфера памяти, позволяющая нарушителю получить доступ к конфиденциальным данным, а также вызвать отказ в обслуживании
EPSS
5.8 Medium
CVSS2
8.1 High
CVSS3