Published: 01/03/2018 Updated: 08/09/2020

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.

Vulnerable Product	Search on Vulmon	Subscribe to Product
imagemagick imagemagick 7.0.7-4
imagemagick imagemagick 7.0.7-6
imagemagick imagemagick 7.0.7-14
imagemagick imagemagick 7.0.7-16
imagemagick imagemagick 7.0.7-21
imagemagick imagemagick 7.0.7-23
imagemagick imagemagick 7.0.7-0
imagemagick imagemagick 7.0.7-1
imagemagick imagemagick 7.0.7-2
imagemagick imagemagick 7.0.7-17
imagemagick imagemagick 7.0.7-18
imagemagick imagemagick 7.0.7-19
imagemagick imagemagick 7.0.7-20
imagemagick imagemagick 7.0.7-9
imagemagick imagemagick 7.0.7-10
imagemagick imagemagick 7.0.7-11
imagemagick imagemagick 7.0.7-12
imagemagick imagemagick 7.0.7-25
imagemagick imagemagick 7.0.7.7
imagemagick imagemagick 7.0.7-3
imagemagick imagemagick 7.0.7-5
imagemagick imagemagick 7.0.7-8
imagemagick imagemagick 7.0.7-13
imagemagick imagemagick 7.0.7-15
imagemagick imagemagick 7.0.7-22
imagemagick imagemagick 7.0.7-24
canonical ubuntu linux 17.10
canonical ubuntu linux 16.04
canonical ubuntu linux 14.04
canonical ubuntu linux 18.04

Several security issues were fixed in ImageMagick ...

CWE-476 https://github.com/ImageMagick/ImageMagick/issues/790 http://www.securityfocus.com/bid/103218 https://usn.ubuntu.com/3681-1/https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html https://nvd.nist.gov https://usn.ubuntu.com/3681-1/

CVE-2017-18209

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect