CVE-2017-14175

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-14175

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-14175.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-14175

Related

Published

2017-09-07T06:29:00Z

Modified

2024-08-01T08:10:31.628632Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop.

References

Affected packages

Debian:11 / imagemagick

Package

Name: imagemagick
Purl: pkg:deb/debian/imagemagick?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.9.34+dfsg-3

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / imagemagick

Package

Name: imagemagick
Purl: pkg:deb/debian/imagemagick?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.9.34+dfsg-3

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / imagemagick

Package

Name: imagemagick
Purl: pkg:deb/debian/imagemagick?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.9.9.34+dfsg-3

Ecosystem specific

{
    "urgency": "low"
}

Git / github.com/imagemagick/imagemagick

Affected ranges

Type: GIT
Repo: https://github.com/imagemagick/imagemagick
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

d9a8234d211da30baf9526fbebe9a8438ea7e11c

Affected versions

7.*

7.0.1-0

7.0.1-1

7.0.1-10

7.0.1-2

7.0.1-3

7.0.1-4

7.0.1-5

7.0.1-6

7.0.1-7

7.0.1-8

7.0.1-9

7.0.2-0

7.0.2-1

7.0.2-10

7.0.2-2

7.0.2-3

7.0.2-4

7.0.2-5

7.0.2-6

7.0.2-7

7.0.2-8

7.0.2-9

7.0.3-0

7.0.3-1

7.0.3-10

7.0.3-2

7.0.3-3

7.0.3-4

7.0.3-5

7.0.3-6

7.0.3-7

7.0.3-8

7.0.3-9

7.0.4-0

7.0.4-1

7.0.4-10

7.0.4-2

7.0.4-3

7.0.4-4

7.0.4-5

7.0.4-6

7.0.4-7

7.0.4-8

7.0.4-9

7.0.5-0

7.0.5-1

7.0.5-10

7.0.5-2

7.0.5-3

7.0.5-4

7.0.5-5

7.0.5-6

7.0.5-7

7.0.5-8

7.0.5-9

7.0.6-0

7.0.6-1

7.0.6-2

7.0.6-3

7.0.6-4

7.0.6-5

7.0.6-6

7.0.6-7

7.0.6-8

7.0.6-9