CVE-2014-9850

Published: Mar 20, 2017Modified: May 13, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).

Affected (11)

Products: Opensuse: Opensuse · Opensuse Project: Leap, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Suse Linux Enterprise Software Development Kit, Suse Linux Enterprise Workstation Extension · Canonical: Ubuntu Linux · +1 more

Show all products

Opensuse: Opensuse · Opensuse Project: Leap, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Suse Linux Enterprise Software Development Kit, Suse Linux Enterprise Workstation Extension · Canonical: Ubuntu Linux · Imagemagick: Imagemagick

1 product

Opensuse Project

5 products

Suse Linux Enterprise Desktop

Suse Linux Enterprise Server

Suse Linux Enterprise Software Development Kit

Suse Linux Enterprise Workstation Extension

1 product

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Opensuse Opensuse	Version 13.2
Opensuse Project Leap	Version 42.1
Opensuse Project Suse Linux Enterprise Desktop	Version 12.0 sp1
Opensuse Project Suse Linux Enterprise Server	Version 12.0 sp1
Opensuse Project Suse Linux Enterprise Software Development Kit	Version 12.0 sp1
Opensuse Project Suse Linux Enterprise Workstation Extension	Version 12.0 sp1

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 12.04
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 16.10

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Imagemagick Imagemagick	Version 6.8.8-9

Related CWEs

References (14)

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2016/06/02/13

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://www.ubuntu.com/usn/USN-3131-1

Source: cve@mitre.org

Third Party Advisory

https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=2257d1eadd02d89d225fce21013a1219d221dc7d

Source: cve@mitre.org

PatchThird Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1343510

Source: cve@mitre.org

Issue TrackingPatchThird Party AdvisoryVDB Entry

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2016/06/02/13

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.ubuntu.com/usn/USN-3131-1

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=2257d1eadd02d89d225fce21013a1219d221dc7d

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1343510

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party AdvisoryVDB Entry

Timeline

No history available yet.