Lucene search
Veracode Vulnerability DatabaseVERACODE:26975HistorySep 21, 2020 - 6:28 a.m.
Arbitrary Code Execution
2020-09-2106:28:17
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
EPSS
0.004
Percentile
73.9%
graphicsmagick is vulnerable to arbitrary code execution. The vulnerability exists through a heap-based buffer over-read in the ImportGrayQuantumType function, through ReadGRAYImage in coders/gray.c
References
hg.code.sf.net/p/graphicsmagick/code/rev/460ef5e858ad
lists.debian.org/debian-lts-announce/2018/01/msg00005.html
lists.debian.org/debian-lts-announce/2018/06/msg00009.html
lists.fedoraproject.org/archives/list/[email protected]/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/
lists.fedoraproject.org/archives/list/[email protected]/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/
sourceforge.net/p/graphicsmagick/bugs/522/
www.debian.org/security/2018/dsa-4321
Related
nvd
nvd
CVE-2017-17503
2017-12-11 02:29:00
cve
cve
CVE-2017-17503
2017-12-11 02:29:00
debiancve
debiancve
CVE-2017-17503
2017-12-11 02:29:00
cvelist
cvelist
CVE-2017-17503
2017-12-11 02:00:00
alpinelinux
alpinelinux
CVE-2017-17503
2017-12-11 02:29:00
prion
prion
Heap overflow
2017-12-11 02:29:00
ubuntucve
ubuntucve
CVE-2017-17503
2017-12-11 00:00:00
nessus
nessus
openSUSE Security Update : GraphicsMagick (openSUSE-2018-191)
2018-02-21 00:00:00
Debian DLA-1231-1 : graphicsmagick security update
2018-01-09 00:00:00
Ubuntu 16.04 LTS : GraphicsMagick vulnerabilities (USN-4248-1)
2020-01-23 00:00:00
debian
debian
[SECURITY] [DLA 1231-1] graphicsmagick security update
2018-01-08 13:31:31
[SECURITY] [DLA 1401-1] graphicsmagick security update
2018-06-27 21:28:32
[SECURITY] [DSA 4321-1] graphicsmagick security update
2018-10-16 21:57:57
osv
osv
graphicsmagick - security update
2018-01-07 00:00:00
graphicsmagick - security update
2018-06-27 00:00:00
graphicsmagick - security update
2018-10-16 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-1231-1)
2018-01-08 00:00:00
Ubuntu: Security Advisory (USN-4248-1)
2020-01-23 00:00:00
Debian: Security Advisory (DLA-1401-1)
2018-07-09 00:00:00
ubuntu
ubuntu
GraphicsMagick vulnerabilities
2020-01-22 00:00:00