Use After Free in imagemagick

Do your applications use this vulnerable package? Test your applications

Overview

The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0.6 has incorrect expectations about whether LibTIFF TIFFGetField return values imply that data validation has occurred, which allows remote attackers to cause a denial of service (use-after-free after an invalid call to TIFFSetField, and application crash) via a crafted file.

References

Debian Security Tracker
MLIST
Security Focus
Ubuntu CVE Tracker
http://bugzilla.maptools.org/show_bug.cgi?id=2730
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32560

Attack Vector

Network
Attack Complexity

Low
Privileges Required

None
User Interaction

Required
Scope

Unchanged
Confidentiality

None
Integrity

None
Availability

High

CVE: CVE-2017-14528
CWE: CWE-416
Snyk ID: SNYK-DEBIAN9-IMAGEMAGICK-400068
Disclosed: 18 Sep, 2017
Published: 18 Sep, 2017

Use After Free
Affecting imagemagick package, versions <8:6.9.7.4+dfsg-11+deb9u11

Overview

References

CVSS Score

Use After Free Affecting imagemagick package, versions <8:6.9.7.4+dfsg-11+deb9u11

Overview

References

Use After Free
Affecting imagemagick package, versions <8:6.9.7.4+dfsg-11+deb9u11