Out-of-Bounds in imagemagick

Do your applications use this vulnerable package? Test your applications

Overview

Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.

References

Debian Security Advisory
Debian Security Advisory
Debian Security Tracker
Gentoo Security Advisory
GitHub Issue
Ubuntu CVE Tracker
Ubuntu Security Advisory

Attack Vector

Network
Attack Complexity

Low
Privileges Required

None
User Interaction

Required
Scope

Unchanged
Confidentiality

High
Integrity

High
Availability

High

CVE: CVE-2017-12983
CWE: CWE-119
Snyk ID: SNYK-DEBIAN9-IMAGEMAGICK-402339
Disclosed: 21 Aug, 2017
Published: 21 Aug, 2017

Out-of-Bounds
Affecting imagemagick package, versions <8:6.9.7.4+dfsg-11+deb9u3

Overview

References

CVSS Score

Out-of-Bounds Affecting imagemagick package, versions <8:6.9.7.4+dfsg-11+deb9u3

Overview

References

Out-of-Bounds
Affecting imagemagick package, versions <8:6.9.7.4+dfsg-11+deb9u3