PT-2018-16914 · Imagemagick+2 · Imagemagick+2
Littleputa1
·
Published
2018-01-12
·
Updated
2019-10-03
·
CVE-2018-5357
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
ImageMagick version 7.0.7-22 Q16
Description
The issue concerns memory leaks in the
ReadDCMImage function located in coders/dcm.c. This problem can lead to potential security risks due to the inefficient handling of memory.Recommendations
For ImageMagick version 7.0.7-22 Q16, consider applying a patch or fix that addresses the memory leaks in the
ReadDCMImage function as a permanent solution. As a temporary workaround, restrict the use of the ReadDCMImage function until a patch is available to minimize the risk of exploitation.Exploit
Fix
Missing Release of Resource after Effective Lifetime
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Imagemagick
Suse
Ubuntu