CVE-2017-14174
Description
In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large length field in the header but does not contain sufficient backing data, is provided, the loop over length would consume huge CPU resources, since there is no EOF check inside the loop.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.646
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple vulnerabilities affected in Imagemagic (x64) 7.0.7 | Windows |
| Multiple vulnerabilities affected in Imagemagick 7.0.7 | Windows |
| Multiple Vulnerabilities are affected in ImageMagick 7.0.7 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234