CVE-2017-7275

SOURCE - nist

Summary

The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.

EPSS Score⁠: 0.00236 (0.615)

Common Weakness Enumeration (CWE)

SOURCE - nist

CWE-119⁠

Improper Restriction of Operations within the Bounds of a Memory Buffer

SOURCE - redhat

CWE-119⁠

Improper Restriction of Operations within the Bounds of a Memory Buffer

Sources (4)

Impacted images

debian

CREATED

7 years ago

UPDATED

17 days ago

SOURCE IDCVE-2017-7275⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Package	Type	OS Name	OS Version	Affected Ranges	Fix Versions
debian/imagemagick	deb	debian	12	>=8:6.9.11.60+dfsg-1.6	Not yet available
debian/imagemagick	deb	debian	unstable	>=8:6.9.12.98+dfsg1-5.2	Not yet available
debian/imagemagick	deb	debian	13	>=8:6.9.12.98+dfsg1-5.2	Not yet available
debian/imagemagick	deb	debian	10	>=8:6.9.10.23+dfsg-2.1+deb10u1	Not yet available
debian/imagemagick	deb	debian	11	>=8:6.9.11.60+dfsg-1.3+deb11u2	Not yet available

Severity and metrics

No CVSS data available from this source.

nist

CREATED

7 years ago

UPDATED

7 years ago

SOURCE IDCVE-2017-7275⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-119⁠

CVSS SCORE

5.5medium

ubuntu

CREATED

7 years ago

UPDATED

1 month ago

SOURCE IDCVE-2017-7275⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.5low

redhat

CREATED

7 years ago

UPDATED

10 months ago

SOURCE IDCVE-2017-7275⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-119⁠

CVSS SCORE

3.3medium