Vulnerability CVE-2014-9845


Published: 2017-03-20

Description:
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

Vendor: Imagemagick
Product: Imagemagick 
Version: 6.8.8-9;
Vendor: Opensuse project
Product: LEAP 
Version: 42.2; 42.1;
Product: Opensuse 
Version: 13.2;
Product: Suse linux enterprise software development kit 
Version: 12.0; 11.0;
Product: Suse linux enterprise desktop 
Version: 12.0;
Product: Suse linux enterprise workstation extension 
Version: 12.0;
Product: Suse linux enterprise server 
Version: 12.0; 11.0;
Product: Suse linux enterprise debuginfo 
Version: 11.0;
Vendor: Opensuse
Product: LEAP 
Version: 42.2;
Product: Opensuse 
Version: 13.2;
Vendor: Canonical
Product: Ubuntu linux 
Version:
16.10
16.04
14.04
12.04
Vendor: SUSE
Product: Studio onsite 
Version: 1.3;

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.html
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html
http://www.openwall.com/lists/oss-security/2016/06/02/13
http://www.ubuntu.com/usn/USN-3131-1
https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=a7a7fd3ce95b7b8efb0ce1ce40f43dbbd20d8e03
https://bugzilla.redhat.com/show_bug.cgi?id=1343503

Related CVE
CVE-2019-6690
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE...
CVE-2017-16232
** DISPUTED ** LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the ...
CVE-2018-16876
ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.
CVE-2018-19655
A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a malicio...
CVE-2018-12122
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources ali...
CVE-2018-12116
Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a secon...
CVE-2018-19543
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.
CVE-2018-19542
An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.

Copyright 2019, cxsecurity.com

 

Back to Top