Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv3

CVE-2017-16353

Published: 01/11/2017 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Graphicsmagick

Vulnerability Summary

It exists that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.

Vulnerable Product Search on Vulmon Subscribe to Product

graphicsmagick graphicsmagick 1.3.26

debian debian linux 8.0

debian debian linux 7.0

debian debian linux 9.0

Vendor Advisories

Ubuntu Security Notice: graphicsmagick vulnerabilities
Several security issues were fixed in GraphicsMagick ...
Amazon Linux AMI: ALAS-2018-966
Memory information disclosure in DescribeImage function in magick/describecGraphicsMagick is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describec file, because of a heap-based buffer over-read The portion of the code containing the vulnerability is responsible for printing the IP ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-11643
Debian Bug report logs - #870157 graphicsmagick: CVE-2017-11643 Package: graphicsmagick; Maintainer for graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for graphicsmagick is src:graphicsmagick (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 30 Jul 2017 14:21:02 UTC ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-11636
Debian Bug report logs - #870149 graphicsmagick: CVE-2017-11636 Package: graphicsmagick; Maintainer for graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for graphicsmagick is src:graphicsmagick (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 30 Jul 2017 14:21:02 UTC ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-11637
Debian Bug report logs - #870153 graphicsmagick: CVE-2017-11637 Package: graphicsmagick; Maintainer for graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for graphicsmagick is src:graphicsmagick (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 30 Jul 2017 14:21:02 UTC ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-11642
Debian Bug report logs - #870156 graphicsmagick: CVE-2017-11642 Package: graphicsmagick; Maintainer for graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for graphicsmagick is src:graphicsmagick (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 30 Jul 2017 14:21:02 UTC ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-11641
Debian Bug report logs - #870155 graphicsmagick: CVE-2017-11641 Package: graphicsmagick; Maintainer for graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for graphicsmagick is src:graphicsmagick (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 30 Jul 2017 14:21:02 UTC ...
Debian CVElist Bug Report Logs: graphicsmagick: CVE-2017-11638
Debian Bug report logs - #870154 graphicsmagick: CVE-2017-11638 Package: graphicsmagick; Maintainer for graphicsmagick is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Source for graphicsmagick is src:graphicsmagick (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sun, 30 Jul 2017 14:21:02 UTC ...
Red Hat: CVE-2017-16353
GraphicsMagick 1326 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describec file, because of a heap-based buffer over-read The portion of the code containing the vulnerability is responsible for printing the IPTC Profile information contained in the image This vulnerability can ...

Exploits

Exploit DB: GraphicsMagick - Memory Disclosure / Heap Overflow
'''Vulnerabilities summary The following advisory describes two (2) vulnerabilities found in GraphicsMagick GraphicsMagick is “The swiss army knife of image processing Comprised of 267K physical lines (according to David A Wheeler’s SLOCCount) of source code in the base package (or 1,225K including 3rd party libraries) it provides a robust ...

References

CWE-200CWE-125https://blogs.securiteam.com/index.php/archives/3494ftp://ftp.graphicsmagick.org/pub/GraphicsMagick/snapshots/ChangeLog.txthttp://www.securityfocus.com/bid/101653https://www.exploit-db.com/exploits/43111/https://lists.debian.org/debian-lts-announce/2017/11/msg00002.htmlhttps://lists.debian.org/debian-lts-announce/2018/06/msg00009.htmlhttps://www.debian.org/security/2018/dsa-4321https://usn.ubuntu.com/4232-1/http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset%3Bnode=e4e1c2a581d8https://nvd.nist.govhttps://usn.ubuntu.com/4232-1/https://www.exploit-db.com/exploits/43111/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671unauthorizedCVE-2024-4776CVE-2024-3407CVE-2024-26026CVE-2024-32888wirelessCVE-2024-4656template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook