Arbitrary Code Execution

2020-12-0604:01:18

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

imagemagick

denial of service

integer overflow

arbitrary code execution

EPSS

0.001

Percentile

48.3%

JSON

imagemagick is vulnerable to denial of service. An attacker is able to crash the application or potentially execute arbitrary code via a malicious file due to an integer overflow in MagickCore/statistic.c

References

bugzilla.redhat.com/show_bug.cgi?id=1894686

lists.debian.org/debian-lts-announce/2021/03/msg00030.html

security-tracker.debian.org/tracker/CVE-2020-27766

EPSS

0.001

Percentile

48.3%

JSON

Related for VERACODE:28312