CVE-2017-6500
Published: 05 March 2017
An issue was discovered in ImageMagick 6.9.7. A specially crafted sun file triggers a heap-based buffer over-read.
Priority
Medium
CVSS 3 base score: 5.5
Status
| Package | Release | Status |
|---|---|---|
|
imagemagick Launchpad, Ubuntu, Debian |
Upstream |
Released
(8:6.9.7.4+dfsg-2)
|
| Ubuntu 16.04 LTS (Xenial Xerus) |
Released
(8:6.8.9.9-7ubuntu5.6)
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was released [8:6.7.7.10-6ubuntu3.6])
|
|
|
Patches: Upstream: https://github.com/ImageMagick/ImageMagick/commit/3007531bfd326c5c1e29cd41d2cd80c166de8528 |
||
Notes
| Author | Note |
|---|---|
| mdeslaur | This is 0184-Fix-an-out-of-bound-error-in-sun-file-handling.patch |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6500
- https://usn.ubuntu.com/usn/usn-3232-1
- NVD
- Launchpad
- Debian