Package ImageMagick updated to version 6.9.9.14-alt1 for branch sisyphus in task 188352.

Published: 2017-08-29

BDU:2021-03376

Уязвимость функции IdentifyImage компонента MagickCore/identify.c консольного графического редактора ImageMagick, связанная с разыменованием нулевого указателя, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

CVE-2017-13768

Published: 2017-08-30
Modified: 2024-11-21

CVE-2017-13768

Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Published: 2017-08-30
Modified: 2024-11-21

CVE-2017-13769

The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

convert: memory allocation failed

Version: 2.1.0

Package ImageMagick update in sisyphus on 2017-09-18

ALT-PU-2017-2227-1

Closed vulnerabilities

BDU:2021-03376

CVE-2017-13768

CVE-2017-13769

Closed bugs

Bug #33850