Vulnerability CVE-2015-8957


Published: 2017-04-20   Modified: 2017-05-09

Description:
Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.

Vendor: Imagemagick
Product: Imagemagick 
Version: 6.9.0-3;

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26838
http://www.openwall.com/lists/oss-security/2016/09/22/2
http://www.securityfocus.com/bid/93125
https://bugzilla.redhat.com/show_bug.cgi?id=1378735
https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4
https://github.com/ImageMagick/ImageMagick/commit/78f82d9d1c2944725a279acd573a22168dc6e22a
https://github.com/ImageMagick/ImageMagick/commit/bd96074b254c6607a0f7731e59f923ad19d5a46d

Related CVE
CVE-2017-15032
ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
CVE-2017-15033
ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.
CVE-2017-15015
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c.
CVE-2017-15016
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c.
CVE-2017-15017
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.
CVE-2017-14989
A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a crafted font file, because the FT_Done_Glyph function (from FreeType 2) is called at an incorrect place in the Imag...
CVE-2017-14739
The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/di...
CVE-2017-14741
The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (infinite loop) via a crafted font file.

Copyright 2017, cxsecurity.com

 

Back to Top