PT-2014-9050 · Imagemagick+3 · Imagemagick+3

Published

2014-12-31

·

Updated

2017-05-09

·

CVE-2014-9837

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions ImageMagick version 6.9.0-1 Beta and earlier
Description The issue allows remote attackers to cause a denial of service, resulting in a crash, by utilizing a crafted png file.
Recommendations For ImageMagick version 6.9.0-1 Beta and earlier, update to a version later than 6.9.0-1 Beta to resolve the issue.

Fix

DoS

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALT-PU-2015-1188
CVE-2014-9837
DLA-731-1
OPENSUSE-SU-2016_1724-1
OPENSUSE-SU-2016_1748-1
OPENSUSE-SU-2016_1833-1
OPENSUSE-SU-2016_2073-1
OPENSUSE-SU-2016_3060-1
SUSE-SU-2016:1782-1
SUSE-SU-2016:1783-1
SUSE-SU-2016:1784-1
USN-3131-1

Affected Products

Alt Linux
Imagemagick
Suse
Ubuntu