Home

CVE-2017-7606

Description

coders/rle.c in ImageMagick 7.0.5-4 has an outside the range of representable values of type unsigned char undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.

Risk Information

Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.379

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Imagemagic (x64) 7.0.5Windows
Multiple Vulnerabilities are affected in Imagemagic 7.0.5Windows
Multiple Vulnerabilities are affected in ImageMagick 7.0.5Windows
Image manipulation programs and library (USN-3302-1) imagemagick_6.8.9.9-7ubuntu5.7_i386.debLinux
Image manipulation programs and library (USN-3302-1) imagemagick_6.8.9.9-7ubuntu5.7_amd64.debLinux
Image manipulation programs and library (USN-3302-1) imagemagick_6.8.9.9-7ubuntu8.6_i386.debLinux
Image manipulation programs and library (USN-3302-1) imagemagick_6.8.9.9-7ubuntu8.6_amd64.debLinux
Image manipulation programs and library (USN-3302-1) imagemagick_6.7.7.10-6ubuntu3.7_i386.debLinux
Image manipulation programs and library (USN-3302-1) imagemagick_6.7.7.10-6ubuntu3.7_amd64.debLinux
Image manipulation programs and library (USN-3302-1) imagemagick_6.9.7.4+dfsg-3ubuntu1.1_i386.debLinux
Image manipulation programs and library (USN-3302-1) imagemagick_6.9.7.4+dfsg-3ubuntu1.1_amd64.debLinux
Image manipulation programs and library (USN-3302-1) libmagick++-6.q16-5v5_6.8.9.9-7ubuntu8.6_i386.debLinux
Image manipulation programs and library (USN-3302-1) libmagick++-6.q16-5v5_6.8.9.9-7ubuntu8.6_amd64.debLinux
Image manipulation programs and library (USN-3302-1) libmagickcore-6.q16-2_6.8.9.9-7ubuntu8.6_i386.debLinux
Image manipulation programs and library (USN-3302-1) libmagickcore-6.q16-2_6.8.9.9-7ubuntu8.6_amd64.debLinux
Imagemagick 6.7.7.10-6ubuntu3.7 for Ubuntu 14.04 LTS (x64) imagemagick_6.7.7.10-6ubuntu3.7_amd64.debLinux
Imagemagick 6.7.7.10-6ubuntu3.7 for Ubuntu 14.04 LTS imagemagick_6.7.7.10-6ubuntu3.7_i386.debLinux
Imagemagick 6.8.9.9-7ubuntu5.7 for Ubuntu 16.04 LTS (x64) imagemagick_6.8.9.9-7ubuntu5.7_amd64.debLinux
Imagemagick 6.8.9.9-7ubuntu5.7 for Ubuntu 16.04 LTS imagemagick_6.8.9.9-7ubuntu5.7_i386.debLinux
Imagemagick 6.8.9.9-7ubuntu8.6 for Ubuntu 16.10 (x64) imagemagick_6.8.9.9-7ubuntu8.6_amd64.debLinux
Imagemagick 6.8.9.9-7ubuntu8.6 for Ubuntu 16.10 imagemagick_6.8.9.9-7ubuntu8.6_i386.debLinux
Image manipulation programs and library (USN-3222-1) imagemagick_6.8.9.9-7ubuntu8.6_i386.debLinux
Image manipulation programs and library (USN-3222-1) imagemagick_6.8.9.9-7ubuntu8.6_amd64.debLinux
Image manipulation programs and library (USN-3222-1) libmagick++-6.q16-5v5_6.8.9.9-7ubuntu8.6_i386.debLinux
Image manipulation programs and library (USN-3222-1) libmagick++-6.q16-5v5_6.8.9.9-7ubuntu8.6_amd64.debLinux
Image manipulation programs and library (USN-3222-1) libmagickcore-6.q16-2_6.8.9.9-7ubuntu8.6_i386.debLinux
Image manipulation programs and library (USN-3222-1) libmagickcore-6.q16-2_6.8.9.9-7ubuntu8.6_amd64.debLinux
imagemagick security update(DSA-3863-1) imagemagick_6.8.9.9-5+deb8u9_kfreebsd-i386.debLinux
imagemagick security update(DSA-3863-1) imagemagick_6.8.9.9-5+deb8u9_kfreebsd-amd64.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234