CVE-2017-18250 - An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in

CVE-2017-18250

Summary

An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFailure in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file.

References

https://github.com/ImageMagick/ImageMagick/issues/793

Vulnerable Configurations

cpe:2.3:a:imagemagick:imagemagick:7.0.7-0:*:*:*:*:*:*:*
cpe:2.3:a:imagemagick:imagemagick:7.0.7-0:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 09-08-2018 - 16:40)
Impact:
Exploitability:

CWE

CWE-476

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:P

refmap via4

confirm

https://github.com/ImageMagick/ImageMagick/issues/793

Last major update

09-08-2018 - 16:40

Published

27-03-2018 - 03:29

Last modified

09-08-2018 - 16:40