Professional OVAL Repository
[Eng]
[Rus]
[Sign-In]
OVAL
Search
Categories
RedCheck
About
OVAL Definitions
OVAL Items
FSTEC Data Bank Information Security Threats
NKCKI
EOL (End Of Life)
Linux Security Advisories
Mozilla Foundation Security Advisory
IBM
VMware
Cisco
Check Point Software Technologies
Apache
Solaris
FreeBSD
Development
GitHub Enterprise
Google Chrome Security Advisories
Oracle Security Advisories
Adobe Security Advisories
OpenSSL Security Advisories
Microsoft
CVE
CWE
CPE
Latest Updates
OS ROSA
ALT Linux
Astra Linux SE 1.5
Astra Linux SE 1.6
RED OS
DSA (Debian Security Advisory) Patсh Statistics
DSA (Debian Security Advisory) Patсh Feed
DSA (Debian Security Advisory) Vulnerability Feed
DLA (Debian Security Advisory) Patсh Statistics
DLA (Debian Security Advisory) Patсh Feed
DLA (Debian Security Advisory) Vulnerability Feed
ALT Linux (Security Bulletins) Patсh Statistics
ALT Linux (Security Bulletins) Patсh Feed
ALT Linux (Security Bulletins) Vulnerability Feed
RED OS (Security Bulletins) Patсh Statistics
RED OS (Security Bulletins) Patсh Feed
RED OS (Security Bulletins) Vulnerability Feed
USN (Ubuntu Security Notice) Patсh Statistics
USN (Ubuntu Security Notice) Patсh Feed
USN (Ubuntu Security Notice) Vulnerability Feed
RHSA (RedHat Security Advisory) Patсh Statistics
RHSA (RedHat Security Advisory) Patсh Feed
RHSA (RedHat Security Advisory) Vulnerability Feed
ELSA (Oracle Linux Security Advisory) Patсh Statistics
ELSA (Oracle Linux Security Advisory) Patсh Feed
ELSA (Oracle Linux Security Advisory) Vulnerability Feed
SUSE (SUSE Security Advisories) Patсh Statistics
SUSE (SUSE Security Advisories) Patсh Feed
SUSE (SUSE Security Advisories) Vulnerability Feed
openSUSE (openSUSE Security Advisories) Patсh Statistics
openSUSE (openSUSE Security Advisories) Patсh Feed
openSUSE (openSUSE Security Advisories) Vulnerability Feed
Amazon Linux AMI (Security Bulletins) Patсh Statistics
Amazon Linux AMI (Security Bulletins) Patсh Feed
Amazon Linux AMI (Security Bulletins) Vulnerability Feed
Mageia Linux (Security Bulletins) Patсh Statistics
Mageia Linux (Security Bulletins) Patсh Feed
Mageia Linux (Security Bulletins) Vulnerability Feed
OS ROSA SX COBALT 1.0
OS ROSA DX COBALT 1.0
ROSA 7.3 (Security Advisories) Patсh Statistics
ROSA 7.3 (Security Advisories) Patсh Feed
ROSA 7.3 (Security Advisories) Vulnerability Feed
ALT Linux SPT 6.0
ALT Linux SPT 7.0
ALT 8 SP
ALT 9
RED OS Murom 7.1
RED OS Murom 7.2
IBM DB2
VMware Vulnerabilities Advisory (VMSA)
VMware vCenter Patch Advisories
VMware ESXi Patch Advisories
VMware NSX Patches
VMware NSX Vulnerabilities
VMware Photon OS 1.0 Patches
VMware Photon OS 1.0 Vulnerabilities
VMware Photon OS 2.0 Patches
VMware Photon OS 2.0 Vulnerabilities
Cisco ASA
Cisco IOS/NX-OS Advisory
Cisco NX-OS Vulnerabilities
Check Point Gaia
Apache Tomcat Advisories
Apache Tomcat Server
Apache HTTP Server
Python
Node.js
RubyGems
Qt
Microsoft Security Bulletin
Microsoft Knowledge Base Article
Microsoft SharePoint
Microsoft SharePoint Foundation 2013
Microsoft SharePoint Server 2013
Microsoft SharePoint Server 2016
About OVALdb
User manual
Pricing
Contact us
OVAL Definitions
>
OVAL Definition Details
Id
oval:com.altx-soft.nix:def:89733
[Rus]
Version
5
Class
patch
ALTXid
260817
Language
English
Severity
Medium
Title
USN-3785-1 -- ImageMagick vulnerabilities
Description
Several security issues were fixed in ImageMagick.
Family
unix
Platform
Linux Mint 17
Linux Mint 18
Linux Mint 19
Ubuntu 14.04
Ubuntu 16.04
Ubuntu 18.04
Product
imagemagick
Reference
VENDOR: USN-3785-1
VENDOR: USN-3785-1
Id:
USN-3785-1
Reference:
https://usn.ubuntu.com/3785-1/
CVE: CVE-2018-14434
CVE: CVE-2018-14434
Id:
CVE-2018-14434
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14434
Comment
: ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3 Score:
6.5
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
REQUIRED
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE:
772 (Missing Release of Resource after Effective Lifetime)
References:
https://github.com/ImageMagick/ImageMagick/issues/1192 (MISC)
USN-3785-1 (UBUNTU)
USN-4034-1 (UBUNTU)
CVE: CVE-2018-14435
CVE: CVE-2018-14435
Id:
CVE-2018-14435
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14435
Comment
: ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3 Score:
6.5
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
REQUIRED
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE:
772 (Missing Release of Resource after Effective Lifetime)
References:
https://github.com/ImageMagick/ImageMagick/issues/1193 (MISC)
USN-3785-1 (UBUNTU)
CVE: CVE-2018-14436
CVE: CVE-2018-14436
Id:
CVE-2018-14436
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14436
Comment
: ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3 Score:
6.5
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
REQUIRED
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE:
772 (Missing Release of Resource after Effective Lifetime)
References:
https://github.com/ImageMagick/ImageMagick/issues/1191 (MISC)
USN-3785-1 (UBUNTU)
CVE: CVE-2018-14437
CVE: CVE-2018-14437
Id:
CVE-2018-14437
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14437
Comment
: ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3 Score:
6.5
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
REQUIRED
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE:
772 (Missing Release of Resource after Effective Lifetime)
References:
https://github.com/ImageMagick/ImageMagick/issues/1190 (MISC)
USN-3785-1 (UBUNTU)
CVE: CVE-2018-16640
CVE: CVE-2018-16640
Id:
CVE-2018-16640
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16640
Comment
: ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3 Score:
6.5
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
REQUIRED
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE:
772 (Missing Release of Resource after Effective Lifetime)
References:
https://github.com/ImageMagick/ImageMagick/issues/1201 (MISC)
https://github.com/ImageMagick/ImageMagick/commit/76efa969342568841ecf320b5a041685a6d24e0b (MISC)
USN-3785-1 (UBUNTU)
CVE: CVE-2018-16750
CVE: CVE-2018-16750
Id:
CVE-2018-16750
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16750
Comment
: In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3 Score:
6.5
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
REQUIRED
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE:
772 (Missing Release of Resource after Effective Lifetime)
References:
https://github.com/ImageMagick/ImageMagick/issues/1118 (MISC)
USN-3785-1 (UBUNTU)
108492 (BID)
CVE: CVE-2018-14551
CVE: CVE-2018-14551
Id:
CVE-2018-14551
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14551
Comment
: The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption.
CVSSv2 Score:
7.5
Access vector:
NETWORK
Access complexity:
LOW
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
PARTIAL
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSSv3 Score:
9.8
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
NONE
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
HIGH
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE:
787 (Out-of-bounds Write)
References:
https://github.com/ImageMagick/ImageMagick/issues/1221 (MISC)
USN-3785-1 (UBUNTU)
[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update (MLIST)
CVE: CVE-2018-16323
CVE: CVE-2018-16323
Id:
CVE-2018-16323
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16323
Comment
: ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
PARTIAL
Integrity impact:
NONE
Availability impact:
NONE
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N
CVSSv3 Score:
6.5
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
REQUIRED
Scope:
UNCHANGED
Confidentiality impact:
HIGH
Integrity impact:
NONE
Availability impact:
NONE
CVSSv3 Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CWE:
200 (Information Exposure)
References:
https://github.com/ImageMagick/ImageMagick/commit/216d117f05bff87b9dc4db55a1b1fadb38bcb786 (MISC)
USN-3785-1 (UBUNTU)
45890 (EXPLOIT-DB)
USN-4034-1 (UBUNTU)
CVE: CVE-2018-16642
CVE: CVE-2018-16642
Id:
CVE-2018-16642
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16642
Comment
: The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3 Score:
6.5
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
REQUIRED
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE:
787 (Out-of-bounds Write)
References:
https://github.com/ImageMagick/ImageMagick/issues/1162 (MISC)
https://github.com/ImageMagick/ImageMagick/commit/cc4ac341f29fa368da6ef01c207deaf8c61f6a2e (MISC)
[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update (MLIST)
USN-3785-1 (UBUNTU)
DSA-4316 (DEBIAN)
CVE: CVE-2018-16643
CVE: CVE-2018-16643
Id:
CVE-2018-16643
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16643
Comment
: The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3 Score:
6.5
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
REQUIRED
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE:
252 (Unchecked Return Value)
References:
https://github.com/ImageMagick/ImageMagick/issues/1199 (MISC)
https://github.com/ImageMagick/ImageMagick/commit/6b6bff054d569a77973f2140c0e86366e6168a6c (MISC)
[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update (MLIST)
USN-3785-1 (UBUNTU)
[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update (MLIST)
CVE: CVE-2018-16644
CVE: CVE-2018-16644
Id:
CVE-2018-16644
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16644
Comment
: There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3 Score:
6.5
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
REQUIRED
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE:
119 (Improper Restriction of Operations within the Bounds of a Memory Buffer)
References:
https://github.com/ImageMagick/ImageMagick/issues/1269 (MISC)
https://github.com/ImageMagick/ImageMagick/commit/afa878a689870c28b6994ecf3bb8dbfb2b76d135 (MISC)
https://github.com/ImageMagick/ImageMagick/commit/16916c8979c32765c542e216b31cee2671b7afe7 (MISC)
[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update (MLIST)
USN-3785-1 (UBUNTU)
DSA-4316 (DEBIAN)
openSUSE-SU-2019:1320 (SUSE)
USN-4034-1 (UBUNTU)
CVE: CVE-2018-16645
CVE: CVE-2018-16645
Id:
CVE-2018-16645
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16645
Comment
: There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image file.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3 Score:
6.5
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
REQUIRED
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE:
770 (Allocation of Resources Without Limits or Throttling)
References:
https://github.com/ImageMagick/ImageMagick/issues/1268 (MISC)
https://github.com/ImageMagick/ImageMagick/commit/ecb31dbad39ccdc65868d5d2a37f0f0521250832 (MISC)
[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update (MLIST)
USN-3785-1 (UBUNTU)
DSA-4316 (DEBIAN)
USN-4034-1 (UBUNTU)
CVE: CVE-2018-16749
CVE: CVE-2018-16749
Id:
CVE-2018-16749
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16749
Comment
: In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3 Score:
6.5
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
REQUIRED
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE:
476 (NULL Pointer Dereference)
References:
https://github.com/ImageMagick/ImageMagick6/commit/1007b98f8795ad4bea6bc5f68a32d83e982fdae4 (MISC)
https://github.com/ImageMagick/ImageMagick/issues/1119 (MISC)
[debian-lts-announce] 20181003 [SECURITY] [DLA 1530-1] imagemagick security update (MLIST)
USN-3785-1 (UBUNTU)
[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update (MLIST)
CVE: CVE-2017-13144
CVE: CVE-2017-13144
Id:
CVE-2017-13144
Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13144
Comment
: In ImageMagick before 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" error report) if the image dimensions are too large, as demonstrated by use of the mpc coder.
CVSSv2 Score:
4.3
Access vector:
NETWORK
Access complexity:
MEDIUM
Authentication:
NONE
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
PARTIAL
CVSSv2 Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3 Score:
6.5
Attack vector:
NETWORK
Attack complexity:
LOW
Privileges required:
NONE
User interaction:
REQUIRED
Scope:
UNCHANGED
Confidentiality impact:
NONE
Integrity impact:
NONE
Availability impact:
HIGH
CVSSv3 Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE:
20 (Improper Input Validation)
References:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869728 (CONFIRM)
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31438 (CONFIRM)
DSA-4019 (DEBIAN)
GLSA-201711-07 (GENTOO)
DSA-4040 (DEBIAN)
USN-3681-1 (UBUNTU)
Content available only for registered users!
ovaldb@altx-soft.com