Published: 20/04/2017 Updated: 09/05/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Buffer overflow in ImageMagick prior to 6.9.0-4 Beta allows remote malicious users to cause a denial of service (application crash) via a crafted SUN file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
imagemagick imagemagick

Several security issues were fixed in ImageMagick ...

This updates fixes many vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed TIFF, WPG, RLE, RAW, PSD, Sun, PICT, VIFF, HDR, Meta, Quantum, PDB, DDS, DCM, EXIF, RGF or BMP files are processed For the stabl ...

Buffer overflow in ImageMagick before 690-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file ...

CWE-119 https://github.com/ImageMagick/ImageMagick/commit/bd96074b254c6607a0f7731e59f923ad19d5a46d https://github.com/ImageMagick/ImageMagick/commit/78f82d9d1c2944725a279acd573a22168dc6e22a https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4 https://bugzilla.redhat.com/show_bug.cgi?id=1378735 http://www.securityfocus.com/bid/93125 http://www.openwall.com/lists/oss-security/2016/09/22/2 http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26838 https://usn.ubuntu.com/3131-1/https://nvd.nist.gov

CVE-2015-8957

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect