CVE-2017-14060CVE-2017-14060

Affected configuration(s):

cpe:/a:imagemagick:imagemagick:7.0.6-10

Date published: 2017-08-31T11:29:00.513-04:00

Date last modified: 2017-11-12T21:29:02.697-05:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: https://github.com/ImageMagick/ImageMagick/issues/710

Summary: In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a malformed image file.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.