CVE-2017-5511
Published: 17 January 2017
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.
Priority
Medium
CVSS 3 base score: 9.8
Status
| Package | Release | Status |
|---|---|---|
|
imagemagick Launchpad, Ubuntu, Debian |
Upstream |
Released
(8:6.9.7.4+dfsg-1)
|
| Ubuntu 16.04 LTS (Xenial Xerus) |
Released
(8:6.8.9.9-7ubuntu5.5)
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was released [8:6.7.7.10-6ubuntu3.5])
|
Notes
| Author | Note |
|---|---|
| mdeslaur | This is 0180-Fix-improper-cast-that-could-cause-an-overflow-as-de.patch |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5511
- http://www.openwall.com/lists/oss-security/2017/01/16/6
- https://usn.ubuntu.com/usn/usn-3222-1
- NVD
- Launchpad
- Debian