Vulnerability CVE-2014-9845


Published: 2017-03-20   Modified: 2017-03-22

Description:
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.

Vendor: Imagemagick
Product: Imagemagick 
Version: 6.8.8-9;
Vendor: Opensuse project
Product: LEAP 
Version: 42.2; 42.1;
Product: Opensuse 
Version: 13.2;
Product: Suse linux enterprise software development kit 
Version: 12.0; 11.0;
Product: Suse linux enterprise desktop 
Version: 12.0;
Product: Suse linux enterprise server 
Version: 12.0; 11.0;
Product: Suse linux enterprise workstation extension 
Version: 12.0;
Product: Suse linux enterprise debuginfo 
Version: 11.0;
Vendor: Canonical
Product: Ubuntu linux 
Version:
16.10
16.04
14.04
12.04
Vendor: SUSE
Product: Studio onsite 
Version: 1.3;

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html
http://www.openwall.com/lists/oss-security/2016/06/02/13
http://www.ubuntu.com/usn/USN-3131-1
https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=a7a7fd3ce95b7b8efb0ce1ce40f43dbbd20d8e03
https://bugzilla.redhat.com/show_bug.cgi?id=1343503

Related CVE
CVE-2017-1000366
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made t...
CVE-2016-4473
/ext/phar/phar_object.c in PHP 7.0.7 and 5.6.x allows remote attackers to execute arbitrary code. NOTE: Introduced as part of an incomplete fix to CVE-2015-6833.
CVE-2017-7995
Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project...
CVE-2016-9959
game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.
CVE-2016-9957
Stack-based buffer overflow in game-music-emu before 0.6.1.
CVE-2016-9958
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.
CVE-2015-4680
FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates.
CVE-2016-7797
Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection.

Copyright 2017, cxsecurity.com