ID CVE-2017-9141
Summary In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c.
References
Vulnerable Configurations
  • cpe:2.3:a:imagemagick:imagemagick:7.0.5-7:*:*:*:*:*:*:*
    cpe:2.3:a:imagemagick:imagemagick:7.0.5-7:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 15-10-2020 - 16:09)
Impact:
Exploitability:
CWE CWE-617
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
refmap via4
bid 98606
confirm
debian DSA-3863
Last major update 15-10-2020 - 16:09
Published 22-05-2017 - 14:29
Last modified 15-10-2020 - 16:09
Back to Top