Your submission was sent successfully! Close

CVE-2017-8765

Published: 04 May 2017

The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file.

Priority

Negligible

CVSS 3 base score: 6.5

Status

Package Release Status
imagemagick
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 ESM (Xenial Xerus)
Released (8:6.8.9.9-7ubuntu5.7)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [8:6.7.7.10-6ubuntu3.7])
Patches:
Upstream: https://github.com/ImageMagick/ImageMagick/commit/b3299a3f2ec597172b092e9f7b71d2c9e75287c7