Описание
In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.3.28-2ubuntu0.1 |
| cosmic | ignored | end of life |
| devel | not-affected | 1.4+really1.3.32-1 |
| disco | ignored | end of life |
| eoan | not-affected | 1.4+really1.3.32-1 |
| esm-apps/bionic | released | 1.3.28-2ubuntu0.1 |
| esm-apps/focal | not-affected | 1.4+really1.3.32-1 |
| esm-apps/jammy | not-affected | 1.4+really1.3.32-1 |
| esm-apps/noble | not-affected | 1.4+really1.3.32-1 |
| esm-apps/xenial | needed |
Показывать по
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c.
In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, ther ...
In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c.
Уязвимость функции WritePDBImage графического редактора GraphicsMagick, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальной информации или вызвать отказ в обслуживании
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3