Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2018-8960

Published: 23/03/2018 Updated: 19/08/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Imagemagick

Vulnerability Summary

The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read.

Vulnerable Product Search on Vulmon Subscribe to Product

imagemagick imagemagick 7.0.7-26

canonical ubuntu linux 16.04

canonical ubuntu linux 17.10

canonical ubuntu linux 18.04

canonical ubuntu linux 14.04

Vendor Advisories

Ubuntu Security Notice: imagemagick vulnerabilities
Several security issues were fixed in ImageMagick ...
Red Hat: CVE-2018-8960
The ReadTIFFImage function in coders/tiffc in ImageMagick 707-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read ...

References

CWE-125https://github.com/ImageMagick/ImageMagick/issues/1020http://www.securityfocus.com/bid/103523https://usn.ubuntu.com/3681-1/https://lists.debian.org/debian-lts-announce/2020/08/msg00030.htmlhttps://nvd.nist.govhttps://usn.ubuntu.com/3681-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hard-codedCVE-2024-27202NULL pointer dereferenceCVE-2024-28075CVE-2024-33608CVE-2024-28889CVE-2024-34572template injectionCVE-2024-34351
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook