CVE-2020-27560

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions ImageMagick version 7.0.10-34

Description The issue is related to a division by zero error in the OptimizeLayerFrames function within the MagickCore/layer.c component of ImageMagick. This error may cause a denial of service. The vulnerability can be exploited by a remote attacker.

Recommendations For ImageMagick version 7.0.10-34, consider disabling the OptimizeLayerFrames function as a temporary workaround until a patch is available. Restrict access to the MagickCore/layer.c component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Divide By Zero

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-369

Related Identifiers

BDU:2021-03431

CVE-2020-27560

DLA-2523-1

DLA-3357-1

DLA-3357-2

OPENSUSE-SU-2020:1884-1

OPENSUSE-SU-2020:1927-1

OPENSUSE-SU-2020_1884-1

OPENSUSE-SU-2020_1927-1

SUSE-SU-2020:3162-1

SUSE-SU-2020:3163-1

SUSE-SU-2020:3164-1

SUSE-SU-2020_3162-1

SUSE-SU-2020_3163-1

SUSE-SU-2020_3164-1

USN-4670-1

USN-7068-1

Affected Products

Astra Linux

Imagemagick

Linuxmint

Suse

Ubuntu

CVE-2020-27560

Weakness Enumeration

Related Identifiers

Affected Products

References · 88