Published: 24/02/2022 Updated: 26/06/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

A heap-based buffer overflow vulnerability was found in ImageMagick in versions before 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation fault.

Vulnerable Product	Search on Vulmon	Subscribe to Product
imagemagick imagemagick
fedoraproject fedora 34
redhat enterprise linux 8.0

Debian Bug report logs - #1037090 imagemagick: CVE-2021-3610 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 4 Jun 2023 12:57:02 UTC Severity: important Tags: securit ...

No description is available for this CVE ...

A heap-based buffer overflow vulnerability was found in ImageMagick in ReadTIFFImage() in coders/tiffc because of an incorrect setting of the pixel array size which can lead to crash and segmentation fault This flaw affects ImageMagick versions prior to 710-0 and 7011-14 ...

CWE-787 https://bugzilla.redhat.com/show_bug.cgi?id=1973689 https://github.com/ImageMagick/ImageMagick/commit/930ff0d1a9bc42925a7856e9ea53f5fc9f318bf3 http://www.openwall.com/lists/oss-security/2023/05/29/4 http://www.openwall.com/lists/oss-security/2023/06/05/1 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037090 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2021-3610

CVE-2021-3610

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect