Lucene search
Veracode Vulnerability DatabaseVERACODE:5034HistorySep 08, 2017 - 2:01 a.m.
Denial Of Service (DoS) Through Memory Consumption
2017-09-0802:01:50
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
EPSS
0.005
Percentile
76.4%
ImageMagick is vulnerable to denial of service (DoS) attacks. A malicious user can pass a PSD file to the system causing big loop that consumes a large amount of CPU resources. This is due to the library lacking an end of file (EOF) check.
References
github.com/ImageMagick/ImageMagick/commit/8598a497e2d1f556a34458cf54b40ba40674734c
github.com/ImageMagick/ImageMagick/commit/bdbbb13f1fe9b7e2465502c500561720f7456aac
github.com/ImageMagick/ImageMagick/issues/715
lists.debian.org/debian-lts-announce/2019/05/msg00015.html
lists.debian.org/debian-lts-announce/2020/09/msg00007.html
security.gentoo.org/glsa/201711-07
usn.ubuntu.com/3681-1/
Related
redhatcve
redhatcve
CVE-2017-14172
2017-09-08 08:00:26
nvd
nvd
CVE-2017-14172
2017-09-07 06:29:00
debiancve
debiancve
CVE-2017-14172
2017-09-07 06:29:00
cve
cve
CVE-2017-14172
2017-09-07 06:29:00
osv
osv
CVE-2017-14172
2017-09-07 06:29:00
imagemagick - security update
2017-10-10 00:00:00
imagemagick - security update
2020-09-07 00:00:00
cvelist
cvelist
CVE-2017-14172
2017-09-07 06:00:00
ubuntucve
ubuntucve
CVE-2017-14172
2017-09-07 00:00:00
prion
prion
Code injection
2017-09-07 06:29:00
nessus
nessus
Debian DLA-1131-1 : imagemagick security update
2017-10-11 00:00:00
SUSE SLES11 Security Update : ImageMagick (SUSE-SU-2017:3378-1)
2017-12-21 00:00:00
openSUSE Security Update : ImageMagick (openSUSE-2017-1413)
2017-12-26 00:00:00
debian
debian
[SECURITY] [DLA 1131-1] imagemagick security update
2017-10-11 02:59:21
[SECURITY] [DLA 1785-1] imagemagick security update
2019-05-14 10:40:29
[SECURITY] [DLA 2366-1] imagemagick security update
2020-09-07 21:24:40
openvas
openvas
Debian: Security Advisory (DLA-1131-1)
2018-02-06 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:3378-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:3388-1)
2021-04-19 00:00:00
suse
suse
Security update for ImageMagick (important)
2017-12-20 18:09:33
Security update for ImageMagick (important)
2017-12-20 18:36:37
Security update for ImageMagick (important)
2017-12-22 21:12:06
gentoo
gentoo
ImageMagick: Multiple vulnerabilities
2017-11-11 00:00:00
cloudfoundry
cloudfoundry
USN-3681-1: ImageMagick vulnerabilities | Cloud Foundry
2018-06-14 00:00:00
ubuntu
ubuntu
ImageMagick vulnerabilities
2018-06-12 00:00:00