Home

CVE-2017-6499

Description

An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially crafted file creating a nested exception could lead to a memory leak (thus, a DoS).

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.275

Associated Vulnerability

VulnerabilityOS Platform
Vulnerability CVE-2017-6498,CVE-2017-6499,CVE-2017-6500 are affected in Imagemagic 6.9.7Windows
Multiple Vulnerabilities are affected in ImageMagick 6.9.7Windows
Image manipulation programs and library (USN-3131-1) imagemagick_6.6.9.7-5ubuntu3.9_i386.debLinux
Image manipulation programs and library (USN-3131-1) imagemagick_6.6.9.7-5ubuntu3.9_amd64.debLinux
Image manipulation programs and library (USN-3131-1) imagemagick_6.8.9.9-7ubuntu5.6_i386.debLinux
Image manipulation programs and library (USN-3131-1) imagemagick_6.8.9.9-7ubuntu5.6_amd64.debLinux
Image manipulation programs and library (USN-3131-1) libmagick++4_6.6.9.7-5ubuntu3.9_i386.debLinux
Image manipulation programs and library (USN-3131-1) libmagick++4_6.6.9.7-5ubuntu3.9_amd64.debLinux
Image manipulation programs and library (USN-3131-1) libmagick++5_6.7.7.10-6ubuntu3.6_i386.debLinux
Image manipulation programs and library (USN-3131-1) libmagick++5_6.7.7.10-6ubuntu3.6_amd64.debLinux
Image manipulation programs and library (USN-3131-1) libmagickcore4_6.6.9.7-5ubuntu3.9_i386.debLinux
Image manipulation programs and library (USN-3131-1) libmagickcore4_6.6.9.7-5ubuntu3.9_amd64.debLinux
Image manipulation programs and library (USN-3131-1) libmagickcore5_6.7.7.10-6ubuntu3.6_i386.debLinux
Image manipulation programs and library (USN-3131-1) libmagickcore5_6.7.7.10-6ubuntu3.6_amd64.debLinux
Image manipulation programs and library (USN-3131-1) libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.6_i386.debLinux
Image manipulation programs and library (USN-3131-1) libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.6_amd64.debLinux
Image manipulation programs and library (USN-3131-1) libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.6_i386.debLinux
Image manipulation programs and library (USN-3131-1) libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.6_amd64.debLinux
Image manipulation programs and library (USN-3232-1) imagemagick_6.6.9.7-5ubuntu3.9_i386.debLinux
Image manipulation programs and library (USN-3232-1) imagemagick_6.6.9.7-5ubuntu3.9_amd64.debLinux
Image manipulation programs and library (USN-3232-1) imagemagick_6.8.9.9-7ubuntu5.6_i386.debLinux
Image manipulation programs and library (USN-3232-1) imagemagick_6.8.9.9-7ubuntu5.6_amd64.debLinux
Image manipulation programs and library (USN-3232-1) imagemagick_6.8.9.9-7ubuntu8.5_i386.debLinux
Image manipulation programs and library (USN-3232-1) imagemagick_6.8.9.9-7ubuntu8.5_amd64.debLinux
Image manipulation programs and library (USN-3232-1) imagemagick_6.7.7.10-6ubuntu3.6_i386.debLinux
Image manipulation programs and library (USN-3232-1) imagemagick_6.7.7.10-6ubuntu3.6_amd64.debLinux
Image manipulation programs and library (USN-3232-1) libmagick++4_6.6.9.7-5ubuntu3.9_i386.debLinux
Image manipulation programs and library (USN-3232-1) libmagick++4_6.6.9.7-5ubuntu3.9_amd64.debLinux
Image manipulation programs and library (USN-3232-1) libmagick++5_6.7.7.10-6ubuntu3.6_i386.debLinux
Image manipulation programs and library (USN-3232-1) libmagick++5_6.7.7.10-6ubuntu3.6_amd64.debLinux
Image manipulation programs and library (USN-3232-1) libmagickcore4_6.6.9.7-5ubuntu3.9_i386.debLinux
Image manipulation programs and library (USN-3232-1) libmagickcore4_6.6.9.7-5ubuntu3.9_amd64.debLinux
Image manipulation programs and library (USN-3232-1) libmagickcore5_6.7.7.10-6ubuntu3.6_i386.debLinux
Image manipulation programs and library (USN-3232-1) libmagickcore5_6.7.7.10-6ubuntu3.6_amd64.debLinux
Image manipulation programs and library (USN-3232-1) libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.6_i386.debLinux
Image manipulation programs and library (USN-3232-1) libmagick++-6.q16-5v5_6.8.9.9-7ubuntu5.6_amd64.debLinux
Image manipulation programs and library (USN-3232-1) libmagick++-6.q16-5v5_6.8.9.9-7ubuntu8.5_i386.debLinux
Image manipulation programs and library (USN-3232-1) libmagick++-6.q16-5v5_6.8.9.9-7ubuntu8.5_amd64.debLinux
Image manipulation programs and library (USN-3232-1) libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.6_i386.debLinux
Image manipulation programs and library (USN-3232-1) libmagickcore-6.q16-2_6.8.9.9-7ubuntu5.6_amd64.debLinux
Image manipulation programs and library (USN-3232-1) libmagickcore-6.q16-2_6.8.9.9-7ubuntu8.5_i386.debLinux
Image manipulation programs and library (USN-3232-1) libmagickcore-6.q16-2_6.8.9.9-7ubuntu8.5_amd64.debLinux
Image manipulation programs and library (USN-3222-1) imagemagick_6.6.9.7-5ubuntu3.9_i386.debLinux
Image manipulation programs and library (USN-3222-1) imagemagick_6.6.9.7-5ubuntu3.9_amd64.debLinux
Image manipulation programs and library (USN-3222-1) libmagick++4_6.6.9.7-5ubuntu3.9_i386.debLinux
Image manipulation programs and library (USN-3222-1) libmagick++4_6.6.9.7-5ubuntu3.9_amd64.debLinux
Image manipulation programs and library (USN-3222-1) libmagickcore4_6.6.9.7-5ubuntu3.9_i386.debLinux
Image manipulation programs and library (USN-3222-1) libmagickcore4_6.6.9.7-5ubuntu3.9_amd64.debLinux
imagemagick security update(DSA-3547-1) imagemagick_6.8.9.9-7.2_amd64.debLinux
imagemagick security update(DSA-3591-1) imagemagick_6.8.9.9-7.2_i386.debLinux
imagemagick security update(DSA-3808-1) imagemagick_6.8.9.9-7.2_i386.debLinux
imagemagick security update(DSA-3808-1) imagemagick_6.8.9.9-7.2_amd64.debLinux
imagemagick security update(DSA-3863-1) imagemagick_6.8.9.9-7.2_i386.debLinux
imagemagick security update(DSA-3863-1) imagemagick_6.8.9.9-7.2_amd64.debLinux
imagemagick security update(DSA-3914-1) imagemagick_6.8.9.9-7.2_i386.debLinux
imagemagick security update(DSA-4040-1) imagemagick_6.8.9.9-7.2_i386.debLinux
imagemagick security update(DSA-4040-1) imagemagick_6.8.9.9-7.2_amd64.debLinux
imagemagick security update(DSA-4204-1) imagemagick_6.8.9.9-7.2_i386.debLinux
imagemagick security update(DSA-4204-1) imagemagick_6.8.9.9-7.2_amd64.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234