Home

CVE-2018-16644

Description

There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.

Risk Information

Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.241

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Imagemagic (x64) 7.0.8Windows
Multiple Vulnerabilities are affected in Imagemagic 7.0.8Windows
Multiple Vulnerabilities are affected in ImageMagick 7.0.8Windows
SUSE-SU-2018:3465-1(SUSE Linux Enterprise Desktop 12-SP3 ) ImageMagick-6.8.8.1-71.85.1.x86_64.rpmLinux
SUSE-SU-2018:3465-1(SUSE Linux Enterprise Desktop 12-SP3 ) ImageMagick-debuginfo-6.8.8.1-71.85.1.x86_64.rpmLinux
SUSE-SU-2018:3465-1(SUSE Linux Enterprise Desktop 12-SP3 ) ImageMagick-debugsource-6.8.8.1-71.85.1.x86_64.rpmLinux
SUSE-SU-2018:3465-1(SUSE Linux Enterprise Desktop 12-SP3 ) libMagick++-6_Q16-3-6.8.8.1-71.85.1.x86_64.rpmLinux
SUSE-SU-2018:3465-1(SUSE Linux Enterprise Desktop 12-SP3 ) libMagick++-6_Q16-3-debuginfo-6.8.8.1-71.85.1.x86_64.rpmLinux
SUSE-SU-2018:3465-1(SUSE Linux Enterprise Desktop 12-SP3 ) libMagickCore-6_Q16-1-6.8.8.1-71.85.1.x86_64.rpmLinux
SUSE-SU-2018:3465-1(SUSE Linux Enterprise Desktop 12-SP3 ) libMagickCore-6_Q16-1-32bit-6.8.8.1-71.85.1.x86_64.rpmLinux
SUSE-SU-2018:3465-1(SUSE Linux Enterprise Desktop 12-SP3 ) libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.85.1.x86_64.rpmLinux
SUSE-SU-2018:3465-1(SUSE Linux Enterprise Desktop 12-SP3 ) libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-71.85.1.x86_64.rpmLinux
SUSE-SU-2018:3465-1(SUSE Linux Enterprise Desktop 12-SP3 ) libMagickWand-6_Q16-1-6.8.8.1-71.85.1.x86_64.rpmLinux
SUSE-SU-2018:3465-1(SUSE Linux Enterprise Desktop 12-SP3 ) libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.85.1.x86_64.rpmLinux
SUSE-SU-2018:3808-1(SUSE Linux Enterprise Server 11-SP4 ) libMagickCore1-6.4.3.6-78.79.1.i586.rpmLinux
SUSE-SU-2018:3808-1(SUSE Linux Enterprise Server 11-SP4 ) libMagickCore1-6.4.3.6-78.79.1.x86_64.rpmLinux
SUSE-SU-2018:3808-1(SUSE Linux Enterprise Server 11-SP4 ) libMagickCore1-32bit-6.4.3.6-78.79.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) ImageMagick-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) ImageMagick-config-6-SUSE-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) ImageMagick-config-6-upstream-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) ImageMagick-debuginfo-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) ImageMagick-debugsource-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) libMagick++-6_Q16-3-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) libMagick++-6_Q16-3-debuginfo-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) libMagickCore-6_Q16-1-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) libMagickCore-6_Q16-1-32bit-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) libMagickWand-6_Q16-1-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.108.1.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234