Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2017-14314

Published: 12/09/2017 Updated: 08/01/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Graphicsmagick

Vulnerability Summary

Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote malicious users to cause a denial of service (DrawDashPolygon heap-based buffer over-read and application crash) via a crafted file.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

graphicsmagick graphicsmagick 1.3.26

debian debian linux 8.0

debian debian linux 9.0

Vendor Advisories

Ubuntu Security Notice: graphicsmagick vulnerabilities
Several security issues were fixed in GraphicsMagick ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-11643
Debian Bug report logs - #870157 graphicsmagick: CVE-2017-11643 Package: graphicsmagick; Maintainer for graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for graphicsmagick is src:graphicsmagick (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 30 Jul 2017 14:21:02 UTC ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-11636
Debian Bug report logs - #870149 graphicsmagick: CVE-2017-11636 Package: graphicsmagick; Maintainer for graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for graphicsmagick is src:graphicsmagick (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 30 Jul 2017 14:21:02 UTC ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-11637
Debian Bug report logs - #870153 graphicsmagick: CVE-2017-11637 Package: graphicsmagick; Maintainer for graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for graphicsmagick is src:graphicsmagick (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 30 Jul 2017 14:21:02 UTC ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-11642
Debian Bug report logs - #870156 graphicsmagick: CVE-2017-11642 Package: graphicsmagick; Maintainer for graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for graphicsmagick is src:graphicsmagick (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 30 Jul 2017 14:21:02 UTC ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-11641
Debian Bug report logs - #870155 graphicsmagick: CVE-2017-11641 Package: graphicsmagick; Maintainer for graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for graphicsmagick is src:graphicsmagick (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 30 Jul 2017 14:21:02 UTC ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-11638
Debian Bug report logs - #870154 graphicsmagick: CVE-2017-11638 Package: graphicsmagick; Maintainer for graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for graphicsmagick is src:graphicsmagick (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 30 Jul 2017 14:21:02 UTC ...

References

CWE-125https://sourceforge.net/p/graphicsmagick/bugs/448/http://hg.code.sf.net/p/graphicsmagick/code/rev/2835184bfb78https://lists.debian.org/debian-lts-announce/2018/06/msg00009.htmlhttps://www.debian.org/security/2018/dsa-4321https://usn.ubuntu.com/4232-1/https://nvd.nist.govhttps://usn.ubuntu.com/4232-1/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook