Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
383
VMScore

CVE-2018-7443

Published: 23/02/2018 Updated: 19/08/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote malicious users to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c).

Vulnerable Product Search on Vulmon Subscribe to Product

imagemagick imagemagick 7.0.7-23

debian debian linux 7.0

canonical ubuntu linux 16.04

canonical ubuntu linux 18.04

canonical ubuntu linux 14.04

canonical ubuntu linux 17.10

Vendor Advisories

Ubuntu Security Notice: imagemagick vulnerabilities
Several security issues were fixed in ImageMagick ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2018-7470
Debian Bug report logs - #891420 imagemagick: CVE-2018-7470 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 25 Feb 2018 13:15:02 UTC Severity: minor Tags: fixed-upstre ...
Debian CVElist Bug Report Logs: imagemagick: CVE-2018-7443
Debian Bug report logs - #891291 imagemagick: CVE-2018-7443 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 24 Feb 2018 10:03:01 UTC Severity: important Tags: fixed-up ...
Red Hat: CVE-2018-7443
The ReadTIFFImage function in coders/tiffc in ImageMagick 707-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memoryc) ...

References

CWE-770https://github.com/ImageMagick/ImageMagick/issues/999https://lists.debian.org/debian-lts-announce/2018/02/msg00028.htmlhttps://usn.ubuntu.com/3681-1/https://lists.debian.org/debian-lts-announce/2020/08/msg00030.htmlhttps://nvd.nist.govhttps://usn.ubuntu.com/3681-1/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228CVE-2024-20361log injectionbypassCVE-2024-4985CVE-2024-35223CVE-2024-29849CVE-2024-31893IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook