Missing Release of Resource after Effective Lifetime in imagemagick

Do your applications use this vulnerable package? Test your applications

Overview

ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c.

References

Debian Security Tracker
Gentoo Security Advisory
GitHub Issue
Ubuntu CVE Tracker
Ubuntu Security Advisory

Attack Vector

Network
Attack Complexity

Low
Privileges Required

None
User Interaction

None
Scope

Unchanged
Confidentiality

None
Integrity

None
Availability

High

CVE: CVE-2017-12418
CWE: CWE-772
Snyk ID: SNYK-DEBIAN8-IMAGEMAGICK-401904
Disclosed: 04 Aug, 2017
Published: 04 Aug, 2017

Missing Release of Resource after Effective Lifetime
Affecting imagemagick package, versions *

Overview

References

CVSS Score

Missing Release of Resource after Effective Lifetime Affecting imagemagick package, versions *

Overview

References

Missing Release of Resource after Effective Lifetime
Affecting imagemagick package, versions *