6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
33.2%
Vulnerability of ImageMagick graphic editor is related to integer overflow in function
ExportIndexQuantum() in MagickCore/quantum-export.c. Exploitation of the vulnerability could allow an attacker,
acting remotely, to pass specially crafted image data to an application, cause an
integer overflow and execute arbitrary code on the target system
A vulnerability in the implementation of the PushLongPixel() function of the ImageMagick graphics editor is related to the output of the
operation beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service or obtain unauthorized code.
denial of service or gain unauthorized access to protected information by means of a specially
specially crafted image file
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | imagemagick | <= 6.9.11.27-4 | UNKNOWN |
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
33.2%