CVE-2017-14165CVE-2017-14165

Affected configuration(s):

cpe:/a:graphicsmagick:graphicsmagick:1.3.26

Date published: 2017-09-06T14:29:00.240-04:00

Date last modified: 2017-09-12T14:45:11.840-04:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://hg.code.sf.net/p/graphicsmagick/code/rev/493da54370aa

Summary: The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote denial of service in the MagickMalloc function in magick/memory.c.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.