CVE-2016-5240
Description
The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file.
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
1.408
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| ImageMagick update (ELSA-2016-1237) ImageMagick-6.7.8.9-15.el7_2.x86_64.rpm | Linux |
| ImageMagick-c++ update (ELSA-2016-1237) ImageMagick-c++-6.7.8.9-15.el7_2.x86_64.rpm | Linux |
| ImageMagick-c++-devel update (ELSA-2016-1237) ImageMagick-c++-devel-6.7.8.9-15.el7_2.x86_64.rpm | Linux |
| ImageMagick-devel update (ELSA-2016-1237) ImageMagick-devel-6.7.8.9-15.el7_2.x86_64.rpm | Linux |
| ImageMagick-doc update (ELSA-2016-1237) ImageMagick-doc-6.7.8.9-15.el7_2.x86_64.rpm | Linux |
| ImageMagick-perl update (ELSA-2016-1237) ImageMagick-perl-6.7.8.9-15.el7_2.x86_64.rpm | Linux |
| ImageMagick update (ELSA-2016-1237) ImageMagick-6.7.8.9-15.el7_2.i686.rpm | Linux |
| ImageMagick-c++ update (ELSA-2016-1237) ImageMagick-c++-6.7.8.9-15.el7_2.i686.rpm | Linux |
| ImageMagick-c++-devel update (ELSA-2016-1237) ImageMagick-c++-devel-6.7.8.9-15.el7_2.i686.rpm | Linux |
| ImageMagick-devel update (ELSA-2016-1237) ImageMagick-devel-6.7.8.9-15.el7_2.i686.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234