4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
7.5 High
AI Score
Confidence
Low
0.015 Low
EPSS
Percentile
86.8%
Package : graphicsmagick
Version : 1.3.16-1.1+deb7u3
CVE IDs : 2016-5240 2016-5241
It was discovered that there were two denial of service vulnerabilities
in graphicsmagick, a collection of image processing tools:
CVE-2016-5240: Prevent denial-of-service by detecting and rejecting
negative stroke-dasharray arguments which were resulting in an
endless loop.
CVE-2016-5241: Fix divide-by-zero problem if fill or stroke pattern
image has zero columns or rows to prevent DoS attack.
For Debian 7 "Wheezy", this issue has been fixed in graphicsmagick version
1.3.16-1.1+deb7u3.
We recommend that you upgrade your graphicsmagick packages.
Regards,
,''`.
: :' : Chris Lamb
`. `'` [email protected] / chris-lamb.co.uk
`-
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | i386 | kvm | < 1:1.1.2+dfsg-6+deb7u14 | kvm_1:1.1.2+dfsg-6+deb7u14_i386.deb |
Debian | 7 | amd64 | qemu-kvm | < 1.1.2+dfsg-6+deb7u14 | qemu-kvm_1.1.2+dfsg-6+deb7u14_amd64.deb |
Debian | 7 | amd64 | kvm | < 1:1.1.2+dfsg-6+deb7u14 | kvm_1:1.1.2+dfsg-6+deb7u14_amd64.deb |
Debian | 7 | amd64 | qemu-kvm-dbg | < 1.1.2+dfsg-6+deb7u14 | qemu-kvm-dbg_1.1.2+dfsg-6+deb7u14_amd64.deb |
Debian | 7 | i386 | qemu-kvm-dbg | < 1.1.2+dfsg-6+deb7u14 | qemu-kvm-dbg_1.1.2+dfsg-6+deb7u14_i386.deb |
Debian | 7 | all | qemu-kvm | < 1.1.2+dfsg-6+deb7u14 | qemu-kvm_1.1.2+dfsg-6+deb7u14_all.deb |
Debian | 7 | i386 | qemu-kvm | < 1.1.2+dfsg-6+deb7u14 | qemu-kvm_1.1.2+dfsg-6+deb7u14_i386.deb |
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
7.5 High
AI Score
Confidence
Low
0.015 Low
EPSS
Percentile
86.8%