Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2014-1958

Published: 06/02/2020 Updated: 12/02/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Imagemagick

Vulnerability Summary

Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick prior to 6.8.8-5 might allow remote malicious users to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

imagemagick imagemagick

canonical ubuntu linux 12.04

canonical ubuntu linux 12.10

canonical ubuntu linux 13.10

opensuse opensuse 11.4

opensuse opensuse 12.3

opensuse opensuse 13.1

Vendor Advisories

Debian CVElist Bug Report Logs: imagemagick: CVE-2014-1947 CVE-2014-1958 CVE-2014-2030
Debian Bug report logs - #740250 imagemagick: CVE-2014-1947 CVE-2014-1958 CVE-2014-2030 Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilo ...
Ubuntu Security Notice: imagemagick vulnerabilities
ImageMagick could be made to crash or run programs if it opened a specially crafted image file ...
Debian Security Advisories: DSA-2898-1 imagemagick -- security update
Several buffer overflows were found in Imagemagick, a suite of image manipulation programs Processing malformed PSD files could lead to the execution of arbitrary code For the oldstable distribution (squeeze), these problems have been fixed in version 8:6604-3+squeeze4 For the stable distribution (wheezy), these problems have been fixed in ve ...
Amazon Linux AMI: ALAS-2014-336
A buffer overflow flaw was found in the way ImageMagick handled PSD images that use RLE encoding An attacker could create a malicious PSD image file that, when opened in ImageMagick, would cause ImageMagick to crash or, potentially, execute arbitrary code with the privileges of the user running ImageMagick A buffer overflow flaw affecting ImageMa ...

References

CWE-120http://www.openwall.com/lists/oss-security/2014/02/13/2http://lists.opensuse.org/opensuse-updates/2014-03/msg00039.htmlhttp://ubuntu.com/usn/usn-2132-1http://www.openwall.com/lists/oss-security/2014/02/13/5https://www.openwall.com/lists/oss-security/2014/02/19/13http://lists.opensuse.org/opensuse-updates/2014-03/msg00032.htmlhttp://trac.imagemagick.org/changeset/14801https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=740250https://usn.ubuntu.com/2132-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298CVE-2024-20356CVE-2023-21987CVE-2024-33217bypassCVE-2024-31804CVE-2024-32660unauthorizedSSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook