Published: 24/03/2017 Updated: 15/10/2020

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Double free vulnerability in magick/profile.c in ImageMagick allows remote malicious users to have unspecified impact via a crafted file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
imagemagick imagemagick
debian debian linux 8.0
debian debian linux 9.0

Several security issues were fixed in ImageMagick ...

This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed TIFF, WPG, IPL, MPC or PSB files are processed For the stable distribution (jessie), these problems have been fixed in version ...

Debian Bug report logs - #851374 imagemagick: CVE-2017-5511: coders/psdc: memory corruption heap overflow Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon) Reported by: Bastien ROUCARI� ...

Debian Bug report logs - #851383 imagemagick: CVE-2017-5506: magick/profilec: double-free memory corruption Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon) Reported by: Bastien ROUCAR ...

Debian Bug report logs - #848139 CVE-2016-8707 ImageMagick Convert Tiff Adobe Deflate Code Execution Vulnerability Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Bastien ROUCARIES <roucariesbastien@gmailcom> Date: Wed ...

Debian Bug report logs - #851382 imagemagick: CVE-2017-5507: coders/mpcc: memory leak in mpc file handling Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon) Reported by: Bastien ROUCARI ...

Debian Bug report logs - #851380 imagemagick: CVE-2016-10146: memory leak in caption and label handling Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon) Reported by: Bastien ROUCARIÈS ...

Debian Bug report logs - #851376 imagemagick: CVE-2017-5510: coders/psdc: out-of-bounds write flaw in psd file handling Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon) Reported by: Ba ...

Debian Bug report logs - #851381 imagemagick: CVE-2017-5508: PushQuantumPixel heap buffer-overflow Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon) Reported by: Bastien ROUCARIÈS <r ...

Double free vulnerability in magick/profilec in ImageMagick allows remote attackers to have unspecified impact via a crafted file ...

CWE-415 https://github.com/ImageMagick/ImageMagick/issues/354 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851383 http://www.securityfocus.com/bid/95753 http://www.openwall.com/lists/oss-security/2017/01/17/5 http://www.openwall.com/lists/oss-security/2017/01/16/6 https://security.gentoo.org/glsa/201702-09 http://www.debian.org/security/2017/dsa-3799 https://github.com/ImageMagick/ImageMagick/commit/9a069e0f2e027ec5138f998023cf9cb62c04889f https://usn.ubuntu.com/3222-1/https://nvd.nist.gov

Get Started

CVE-2017-5506

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect