Published: 19/07/2017 Updated: 20/04/2021

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

coders/jpeg.c in ImageMagick prior to 7.0.6-1 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.

Vulnerable Product	Search on Vulmon	Subscribe to Product
imagemagick imagemagick
debian debian linux 9.0
debian debian linux 10.0

Debian Bug report logs - #867894 imagemagick: CVE-2017-11450 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Mon, 10 Jul 2017 11:39:06 UTC Severity: important Tags: ...

Several security issues were fixed in ImageMagick ...

This updates fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed RLE, SVG, PSD, PDB, DPX, MAT, TGA, VST, CIN, DIB, MPC, EPT, JNG, DJVU, JPEG, ICO, PALM or MNG files are pro ...

coders/jpegc in ImageMagick before 706-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short ...

NVD-CWE-noinfo https://github.com/ImageMagick/ImageMagick/issues/556 https://github.com/ImageMagick/ImageMagick/commit/948356eec65aea91995d4b7cc487d197d2c5f602 https://security-tracker.debian.org/tracker/CVE-2017-11450 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867894 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867894 https://usn.ubuntu.com/3363-1/https://nvd.nist.gov

CVE-2017-11450

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect