Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv3

CVE-2017-11537

Published: 23/07/2017 Updated: 03/10/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Imagemagick

Vulnerability Summary

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palm.c, related to an incorrect bits-per-pixel calculation.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

imagemagick imagemagick 7.0.6-1

Vendor Advisories

Ubuntu Security Notice: imagemagick vulnerabilities
Several security issues were fixed in ImageMagick ...
Red Hat: CVE-2017-11537
When ImageMagick 706-1 processes a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palmc, related to an incorrect bits-per-pixel calculation ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-11523: endless loop in ReadTXTImage
Debian Bug report logs - #869210 imagemagick: CVE-2017-11523: endless loop in ReadTXTImage Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Fri, 21 Jul 2017 15:39:02 U ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-13145
Debian Bug report logs - #869830 imagemagick: CVE-2017-13145 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Wed, 26 Jul 2017 20:51:02 UTC Severity: important Tags: ...
Debian CVElist Bug Report Logs: CVE-2017-11535: heap based overflow in ps.c
Debian Bug report logs - #869827 CVE-2017-11535: heap based overflow in psc Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Wed, 26 Jul 2017 20:30:01 UTC Severity: ...
Debian CVElist Bug Report Logs: CVE-2017-11537: palm fpe
Debian Bug report logs - #869712 CVE-2017-11537: palm fpe Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Tue, 25 Jul 2017 20:36:01 UTC Severity: important Tags: sec ...
Debian CVElist Bug Report Logs: CVE-2017-11536 memory leak in jp2 coder
Debian Bug report logs - #869831 CVE-2017-11536 memory leak in jp2 coder Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Wed, 26 Jul 2017 21:03:02 UTC Severity: impo ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-12431: use after free in ReadWMFImage
Debian Bug report logs - #869715 imagemagick: CVE-2017-12431: use after free in ReadWMFImage Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Tue, 25 Jul 2017 20:45:09 ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-12664
Debian Bug report logs - #869721 imagemagick: CVE-2017-12664 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Tue, 25 Jul 2017 21:33:01 UTC Severity: important Tags: ...
Debian CVElist Bug Report Logs: CVE-2017-11534: wmf memory leak
Debian Bug report logs - #869711 CVE-2017-11534: wmf memory leak Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Tue, 25 Jul 2017 20:33:04 UTC Severity: important Ta ...
Debian CVElist Bug Report Logs: CVE-2017-11532: memory leak in coders/mpc.c.
Debian Bug report logs - #869726 CVE-2017-11532: memory leak in coders/mpcc Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Tue, 25 Jul 2017 21:57:02 UTC Severity: ...
Debian CVElist Bug Report Logs: CVE-2017-11531: Memory Leak in coders/histogram.c.
Debian Bug report logs - #869725 CVE-2017-11531: Memory Leak in coders/histogramc Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Tue, 25 Jul 2017 21:51:02 UTC Sev ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-12430: Memory exhaustion in mpc coder
Debian Bug report logs - #869727 imagemagick: CVE-2017-12430: Memory exhaustion in mpc coder Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Tue, 25 Jul 2017 22:06:01 ...
Debian CVElist Bug Report Logs: CVE-2017-11533: heap buffer overflow in uil coder
Debian Bug report logs - #869834 CVE-2017-11533: heap buffer overflow in uil coder Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Wed, 26 Jul 2017 21:15:05 UTC Seve ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-12642
Debian Bug report logs - #869796 imagemagick: CVE-2017-12642 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Wed, 26 Jul 2017 14:15:02 UTC Severity: important Tags: ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-11446
Debian Bug report logs - #868950 imagemagick: CVE-2017-11446 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 19 Jul 2017 19:09:01 UTC Severity: important Tags: fixed-u ...
Debian CVElist Bug Report Logs: Imagemagick: memory leak in quantize
Debian Bug report logs - #869722 Imagemagick: memory leak in quantize Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Tue, 25 Jul 2017 21:33:07 UTC Severity: importa ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-9500: assertion failed in ResetImageProfileIterator
Debian Bug report logs - #867778 imagemagick: CVE-2017-9500: assertion failed in ResetImageProfileIterator Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 9 Jul 2017 1 ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-13144
Debian Bug report logs - #869728 imagemagick: CVE-2017-13144 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Tue, 25 Jul 2017 22:09:01 UTC Severity: serious Tags: se ...

References

CWE-682https://github.com/ImageMagick/ImageMagick/issues/560https://www.debian.org/security/2017/dsa-4019https://usn.ubuntu.com/3681-1/https://lists.debian.org/debian-lts-announce/2019/05/msg00015.htmlhttps://nvd.nist.govhttps://usn.ubuntu.com/3681-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693CVE-2024-30851CVE-2024-34460CVE-2024-2887localCVE-2024-27956remote code executionCVE-2024-34475privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook