Main Vulnerability Database Vulnerabilities #VU15706

#VU15706 Buffer overflow in GraphicsMagick - CVE-2017-10800

Published: November 4, 2018

Vulnerability identifier: #VU15706

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2017-10800

CWE-ID: CWE-119

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
GraphicsMagick

Software vendor:
GraphicsMagick Group

Description

The vulnerability allows a remote attacker to perform denial of service (DoS) attack.

The vulnerability exists due to a boundary error when processing MATLAB images in ReadMATImage() function in coders/mat.c. A remote attacker can create a specially crafted image with size for a MAT Object grater than the actual amount of data, pass it to the affected application, trigger memory corruption and crash the application.

Remediation

Install update from vendor's website.

External links

http://hg.code.sf.net/p/graphicsmagick/code/rev/e5761e3a2012

#VU15706 Buffer overflow in GraphicsMagick - CVE-2017-10800

Description

Remediation

External links

Please verify you're human