Lucene search
Veracode Vulnerability DatabaseVERACODE:27179HistorySep 21, 2020 - 6:40 a.m.
Arbitrary Code Execution
2020-09-2106:40:10
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
EPSS
0.008
Percentile
81.9%
graphicsmagick is vulnerable to arbitrary code execution. The vulnerability exists as the ReadMNGImage function in coders/png.c mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c.
References
hg.code.sf.net/p/graphicsmagick/code/rev/cd699a44f188
blogs.gentoo.org/ago/2017/08/05/graphicsmagick-invalid-memory-read-in-setimagecolorcallback-image-c/
lists.debian.org/debian-lts-announce/2018/08/msg00002.html
lists.fedoraproject.org/archives/list/[email protected]/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/
lists.fedoraproject.org/archives/list/[email protected]/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/
www.debian.org/security/2018/dsa-4321
Related
alpinelinux
alpinelinux
CVE-2017-12935
2017-08-18 12:29:00
nvd
nvd
CVE-2017-12935
2017-08-18 12:29:00
cvelist
cvelist
CVE-2017-12935
2017-08-18 12:00:00
debiancve
debiancve
CVE-2017-12935
2017-08-18 12:29:00
ubuntucve
ubuntucve
CVE-2017-12935
2017-08-18 00:00:00
prion
prion
Design/Logic Flaw
2017-08-18 12:29:00
cve
cve
CVE-2017-12935
2017-08-18 12:29:00
mageia
mageia
Updated graphicsmagick packages fix security vulnerability
2017-08-23 18:43:04
openvas
openvas
Mageia: Security Advisory (MGASA-2017-0297)
2022-01-28 00:00:00
Debian: Security Advisory (DLA-1082-1)
2018-02-06 00:00:00
GraphicsMagick Multiple Vulnerabilities (Aug 2017) - Windows
2017-08-23 00:00:00
debian
debian
[SECURITY] [DLA 1082-1] graphicsmagick security update
2017-08-31 20:21:30
[SECURITY] [DLA 1456-1] graphicsmagick security update
2018-08-03 01:07:24
[SECURITY] [DSA 4321-1] graphicsmagick security update
2018-10-16 21:57:57
nessus
nessus
Debian DLA-1082-1 : graphicsmagick security update
2017-09-01 00:00:00
openSUSE Security Update : GraphicsMagick (openSUSE-2018-88)
2018-01-26 00:00:00
Ubuntu 16.04 LTS : GraphicsMagick vulnerabilities (USN-4222-1)
2019-12-17 00:00:00
osv
osv
graphicsmagick - security update
2017-08-31 00:00:00
graphicsmagick - security update
2018-08-02 00:00:00
graphicsmagick - security update
2018-10-16 00:00:00
archlinux
archlinux
[ASA-201801-7] graphicsmagick: multiple issues
2018-01-08 00:00:00
ubuntu
ubuntu
GraphicsMagick vulnerabilities
2019-12-16 00:00:00