Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cloudfoundryCloud FoundryCFOUNDRY:0786D81DB4A901AA3B5284FE6A0FCD9C
HistoryAug 04, 2017 - 12:00 a.m.

USN-3363-1: ImageMagick vulnerabilities | Cloud Foundry

2017-08-0400:00:00
Cloud Foundry
www.cloudfoundry.org
44

0.01 Low

EPSS

Percentile

83.4%

JSON

Severity

Medium

Vendor

Canonical Ubuntu

Versions Affected

  • Canonical Ubuntu 14.04

Description

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.

Affected Cloud Foundry Products and Versions

Severity is medium unless otherwise noted.

  • All versions of Cloud Foundry cflinuxfs2 prior to 1.141.0

Mitigation

OSS users are strongly encouraged to follow one of the mitigations below:

  • The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 version 1.141.0 or later.

References

Related

ubuntu 1
nessus 10
openvas 7
debian 2
osv 19
suse 4
cve 20
prion 20
ubuntucve 20
nvd 20
redhatcve 20
veracode 16
debiancve 20
cvelist 20
ubuntu
ubuntu
ImageMagick vulnerabilities
2017-07-24 00:00:00
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS : ImageMagick vulnerabilities (USN-3363-1)
2017-07-25 00:00:00
Debian DSA-3914-1 : imagemagick - security update
2017-07-19 00:00:00
Debian DLA-1000-1 : imagemagick security update
2017-06-26 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3363-1)
2017-07-25 00:00:00
Debian Security Advisory DSA 3914-1 (imagemagick - security update)
2017-07-18 00:00:00
Debian: Security Advisory (DLA-1000-1)
2018-01-28 00:00:00
debian
debian
[SECURITY] [DLA 1000-1] imagemagick security update
2017-06-24 23:27:35
[SECURITY] [DSA 3914-1] imagemagick security update
2017-07-18 21:42:34
osv
osv
imagemagick - security update
2017-06-24 00:00:00
imagemagick - security update
2017-07-18 00:00:00
CVE-2017-9405
2017-06-02 19:29:00
suse
suse
Security update for ImageMagick (important)
2017-08-28 15:08:08
Security update for ImageMagick (important)
2017-08-17 12:09:15
Security update for ImageMagick (important)
2017-08-16 18:08:05
cve
cve
CVE-2017-9409
2022-10-03 16:23:09
CVE-2017-9407
2022-10-03 16:23:08
CVE-2017-9405
2022-10-03 16:23:07
prion
prion
Memory corruption
2017-06-02 19:29:00
Memory corruption
2017-06-02 19:29:00
Memory corruption
2017-06-02 19:29:00
ubuntucve
ubuntucve
CVE-2017-9407
2017-06-02 00:00:00
CVE-2017-11188
2017-07-12 00:00:00
CVE-2017-11447
2017-07-19 00:00:00
nvd
nvd
CVE-2017-9407
2017-06-02 19:29:00
CVE-2017-9405
2017-06-02 19:29:00
CVE-2017-11448
2017-07-19 07:29:00
redhatcve
redhatcve
CVE-2017-9409
2017-06-05 14:20:08
CVE-2017-9405
2017-06-05 14:19:48
CVE-2017-9407
2017-06-05 14:19:36
veracode
veracode
Denial Of Service (DoS) Through Memory Leak
2017-06-05 01:30:44
Denial Of Service (DoS)
2017-05-29 06:34:09
Denial Of Service (DoS) Through Memory Leak
2017-06-06 06:00:55
debiancve
debiancve
CVE-2017-9407
2022-10-03 16:23:08
CVE-2017-9409
2022-10-03 16:23:09
CVE-2017-9440
2017-06-05 18:29:00
cvelist
cvelist
CVE-2017-9439
2017-06-05 18:00:00
CVE-2017-11188
2017-07-12 15:00:00
CVE-2017-9501
2017-06-07 14:00:00

0.01 Low

EPSS

Percentile

83.4%

JSON
Related for CFOUNDRY:0786D81DB4A901AA3B5284FE6A0FCD9C
ubuntu1nessus10openvas7debian2osv19suse4cve20prion20ubuntucve20nvd20redhatcve20veracode16debiancve20cvelist20