CVE-2017-15015

Published: 04 October 2017

ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c.

Priority

Low

CVSS 3 base score: 8.8

Status

Package Release Status
imagemagick
Launchpad, Ubuntu, Debian
Upstream
Released (8:6.9.9.34+dfsg-3)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (8:6.9.7.4+dfsg-16ubuntu6.2)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (8:6.8.9.9-7ubuntu5.11)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [code not present])
Patches:
Upstream: https://github.com/ImageMagick/ImageMagick/commit/0cbb3b3b02e7af493a9aafa8f7e7d23fc70644e4