Home

CVE-2018-20467

Description

In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.

Risk Information

Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.374

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Imagemagic (x64) 7.0.8Windows
Multiple Vulnerabilities are affected in Imagemagic 7.0.8Windows
Multiple Vulnerabilities are affected in ImageMagick 7.0.8Windows
SUSE-SU-2019:13993-1(SUSE Linux Enterprise Server 11-SP4 ) libMagickCore1-6.4.3.6-78.92.1.i586.rpmLinux
SUSE-SU-2019:13993-1(SUSE Linux Enterprise Server 11-SP4 ) libMagickCore1-6.4.3.6-78.92.1.x86_64.rpmLinux
SUSE-SU-2019:13993-1(SUSE Linux Enterprise Server 11-SP4 ) libMagickCore1-32bit-6.4.3.6-78.92.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) ImageMagick-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) ImageMagick-config-6-SUSE-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) ImageMagick-config-6-upstream-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) ImageMagick-debuginfo-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) ImageMagick-debugsource-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) libMagick++-6_Q16-3-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) libMagick++-6_Q16-3-debuginfo-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) libMagickCore-6_Q16-1-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) libMagickCore-6_Q16-1-32bit-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) libMagickWand-6_Q16-1-6.8.8.1-71.108.1.x86_64.rpmLinux
SUSE-SU-2019:1033-1(SUSE Linux Enterprise Desktop 12-SP4 ) libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.108.1.x86_64.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update autotrace-0.31.1-38.el7.i686.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update autotrace-0.31.1-38.el7.x86_64.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update autotrace-devel-0.31.1-38.el7.i686.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update autotrace-devel-0.31.1-38.el7.x86_64.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update inkscape-0.92.2-3.el7.x86_64.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update inkscape-docs-0.92.2-3.el7.x86_64.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update inkscape-view-0.92.2-3.el7.x86_64.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update ImageMagick-6.9.10.68-3.el7.i686.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update ImageMagick-6.9.10.68-3.el7.x86_64.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update ImageMagick-c++-6.9.10.68-3.el7.i686.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update ImageMagick-c++-6.9.10.68-3.el7.x86_64.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update ImageMagick-c++-devel-6.9.10.68-3.el7.i686.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update ImageMagick-c++-devel-6.9.10.68-3.el7.x86_64.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update ImageMagick-devel-6.9.10.68-3.el7.i686.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update ImageMagick-devel-6.9.10.68-3.el7.x86_64.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update ImageMagick-doc-6.9.10.68-3.el7.x86_64.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update ImageMagick-perl-6.9.10.68-3.el7.x86_64.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update emacs-24.3-23.el7.x86_64.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update emacs-common-24.3-23.el7.x86_64.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update emacs-el-24.3-23.el7.noarch.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update emacs-filesystem-24.3-23.el7.noarch.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update emacs-nox-24.3-23.el7.x86_64.rpmLinux
(RHSA-2020:1180) ImageMagick security, bug fix, and enhancement update emacs-terminal-24.3-23.el7.noarch.rpmLinux
(CESA-2020:1180) ImageMagick security, bug fix, and enhancement update autotrace-0.31.1-38.el7.x86_64.rpmLinux
(CESA-2020:1180) ImageMagick security, bug fix, and enhancement update autotrace-devel-0.31.1-38.el7.x86_64.rpmLinux
(CESA-2020:1180) ImageMagick security, bug fix, and enhancement update emacs-24.3-23.el7.x86_64.rpmLinux
(CESA-2020:1180) ImageMagick security, bug fix, and enhancement update emacs-common-24.3-23.el7.x86_64.rpmLinux
(CESA-2020:1180) ImageMagick security, bug fix, and enhancement update emacs-el-24.3-23.el7.noarch.rpmLinux
(CESA-2020:1180) ImageMagick security, bug fix, and enhancement update emacs-filesystem-24.3-23.el7.noarch.rpmLinux
(CESA-2020:1180) ImageMagick security, bug fix, and enhancement update emacs-nox-24.3-23.el7.x86_64.rpmLinux
(CESA-2020:1180) ImageMagick security, bug fix, and enhancement update emacs-terminal-24.3-23.el7.noarch.rpmLinux
(CESA-2020:1180) ImageMagick security, bug fix, and enhancement update inkscape-0.92.2-3.el7.x86_64.rpmLinux
(CESA-2020:1180) ImageMagick security, bug fix, and enhancement update inkscape-docs-0.92.2-3.el7.x86_64.rpmLinux
(CESA-2020:1180) ImageMagick security, bug fix, and enhancement update inkscape-view-0.92.2-3.el7.x86_64.rpmLinux
(RHSA-2020:1180)Moderate: security, bug fix, and enhancement update ImageMagick-debuginfo-6.9.10.68-3.el7.i686.rpmLinux
(RHSA-2020:1180)Moderate: security, bug fix, and enhancement update ImageMagick-debuginfo-6.9.10.68-3.el7.x86_64.rpmLinux
(RHSA-2020:1180)Moderate: security, bug fix, and enhancement update autotrace-debuginfo-0.31.1-38.el7.i686.rpmLinux
(RHSA-2020:1180)Moderate: security, bug fix, and enhancement update autotrace-debuginfo-0.31.1-38.el7.x86_64.rpmLinux
(RHSA-2020:1180)Moderate: security, bug fix, and enhancement update emacs-debuginfo-24.3-23.el7.x86_64.rpmLinux
(RHSA-2020:1180)Moderate: security, bug fix, and enhancement update inkscape-debuginfo-0.92.2-3.el7.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234