A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability.
Divide By Zero
Divide By Zero
-
Package | Type | OS Name | OS Version | Affected Ranges | Fix Versions |
---|---|---|---|---|---|
debian/imagemagick | deb | debian | 12 | >=8:6.9.11.60+dfsg-1.6 | Not yet available |
debian/imagemagick | deb | debian | unstable | >=8:6.9.12.98+dfsg1-5.2 | Not yet available |
debian/imagemagick | deb | debian | 10 | >=8:6.9.10.23+dfsg-2.1+deb10u1 | Not yet available |
debian/imagemagick | deb | debian | 13 | >=8:6.9.12.98+dfsg1-5.2 | Not yet available |
debian/imagemagick | deb | debian | 11 | >=8:6.9.11.60+dfsg-1.3+deb11u2 | Not yet available |
Severity and metrics
No CVSS data available from this source.
3.9
-
3.9
3.9
3.9