PT-2015-7827 · Imagemagick+3 · Imagemagick+3

Martin Prpič

·

Published

2015-02-18

·

Updated

2020-07-31

·

CVE-2015-8901

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.0-5 Beta
Description The issue allows remote attackers to cause a denial of service, specifically an infinite loop, by using a crafted MIFF file.
Recommendations For versions prior to 6.9.0-5 Beta, update to version 6.9.0-5 Beta or later to resolve the issue.

Exploit

Fix

DoS

Infinite Loop

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-835

Related Identifiers

ALT-PU-2015-1188
CVE-2015-8901
DLA-960-1
OPENSUSE-SU-2016_1724-1
OPENSUSE-SU-2016_1748-1
OPENSUSE-SU-2016_1833-1
SUSE-SU-2016:1782-1
SUSE-SU-2016:1783-1
SUSE-SU-2016:1784-1
USN-3131-1

Affected Products

Alt Linux
Imagemagick
Suse
Ubuntu