← volver
CVE-2017-14505

CVE-2017-14505

EPSS 1.5%
DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/ImageMagick/ImageMagick/issues/716https://lists.debian.org/debian-lts-announce/2019/05/msg00015.htmlhttps://lists.debian.org/debian-lts-announce/2020/09/msg00007.htmlhttps://usn.ubuntu.com/3681-1/http://www.securityfocus.com/bid/100882