Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2017-12640

Published: 07/08/2017 Updated: 14/10/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Imagemagick

Vulnerability Summary

ImageMagick 7.0.6-1 has an out-of-bounds read vulnerability in ReadOneMNGImage in coders/png.c.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

imagemagick imagemagick 7.0.6-1

debian debian linux 8.0

debian debian linux 9.0

Vendor Advisories

Ubuntu Security Notice: imagemagick vulnerabilities
Several security issues were fixed in ImageMagick ...
Debian Security Advisories: DSA-4040-1 imagemagick -- security update
This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed image files are processed For the oldstable distribution (jessie), these problems have been fixed in versio ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-12640
Debian Bug report logs - #870106 imagemagick: CVE-2017-12640 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Sat, 29 Jul 2017 20:39:01 UTC Severity: important Tags: ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-14682: Heap buffer overflow in GetNextToken()
Debian Bug report logs - #876488 imagemagick: CVE-2017-14682: Heap buffer overflow in GetNextToken() Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 22 Sep 2017 18:24:0 ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-14607
Debian Bug report logs - #878527 imagemagick: CVE-2017-14607 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 14 Oct 2017 11:57:02 UTC Severity: serious Tags: confirmed ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-14224: Heap buffer overflow in WritePCXImage
Debian Bug report logs - #876097 imagemagick: CVE-2017-14224: Heap buffer overflow in WritePCXImage Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 18 Sep 2017 12:33:01 ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-16546
Debian Bug report logs - #881392 imagemagick: CVE-2017-16546 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 11 Nov 2017 09:03:02 UTC Severity: grave Tags: confirmed, ...
Debian CVElist Bug Report Logs: CVE-2017-12877
Debian Bug report logs - #872373 CVE-2017-12877 Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Wed, 16 Aug 2017 21:12:01 ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-11352 (Incomplete fix for CVE-2017-9144)
Debian Bug report logs - #868469 imagemagick: CVE-2017-11352 (Incomplete fix for CVE-2017-9144) Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 15 Jul 2017 19:45:01 UTC ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-12983
Debian Bug report logs - #873134 imagemagick: CVE-2017-12983 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 24 Aug 2017 19:27:01 UTC Severity: serious Tags: confirmed ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-14989
Debian Bug report logs - #878562 imagemagick: CVE-2017-14989 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 14 Oct 2017 16:51:05 UTC Severity: serious Tags: confirmed ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-13144
Debian Bug report logs - #869728 imagemagick: CVE-2017-13144 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Tue, 25 Jul 2017 22:09:01 UTC Severity: serious Tags: se ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-13134
Debian Bug report logs - #873099 imagemagick: CVE-2017-13134 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 24 Aug 2017 14:57:02 UTC Severity: serious Tags: confirmed ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-13758
Debian Bug report logs - #878508 imagemagick: CVE-2017-13758 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 14 Oct 2017 09:03:02 UTC Severity: serious Tags: confirmed ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-13769
Debian Bug report logs - #878507 imagemagick: CVE-2017-13769 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 14 Oct 2017 08:57:02 UTC Severity: serious Tags: confirmed ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2017-15277
Debian Bug report logs - #878578 imagemagick: CVE-2017-15277 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 14 Oct 2017 18:51:02 UTC Severity: serious Tags: confirmed ...

References

CWE-125https://github.com/ImageMagick/ImageMagick/issues/542http://www.securityfocus.com/bid/100155https://www.debian.org/security/2017/dsa-4019https://www.debian.org/security/2017/dsa-4040https://usn.ubuntu.com/3681-1/https://github.com/ImageMagick/ImageMagick/commit/307fa45d512641fcd105f0d57ca50c1437cd1b81https://nvd.nist.govhttps://usn.ubuntu.com/3681-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAPCVE-2024-4367server-side request forgeryinformation disclosureCVE-2024-34342CVE-2024-4281CVE-2024-3507CVE-2024-25560CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook