CVE-2017-7619 - In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in som

CVE-2017-7619

Summary

In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv. <a href="http://cwe.mitre.org/data/definitions/835.html">CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')</a>

References

Vulnerable Configurations

cpe:2.3:a:imagemagick:imagemagick:7.0.4-9:*:*:*:*:*:*:*
cpe:2.3:a:imagemagick:imagemagick:7.0.4-9:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:

CWE

CWE-835

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	98689
confirm	https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31506
debian	DSA-3863

Last major update

03-10-2019 - 00:03

Published

10-04-2017 - 14:59

Last modified

03-10-2019 - 00:03