CVE-2015-8901

Published: Feb 27, 2017Modified: May 13, 2026

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.

Affected (1)

Products: Imagemagick: Imagemagick

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Imagemagick Imagemagick	From 6.0 to 6.9.0-5

Related CWEs

Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

References (10)

http://trac.imagemagick.org/changeset/17854

Source: cve@mitre.org

Broken Link

http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931

Source: cve@mitre.org

ExploitVendor Advisory

http://www.openwall.com/lists/oss-security/2015/02/26/13

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2016/06/06/2

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1195265

Source: cve@mitre.org

ExploitIssue TrackingThird Party Advisory

http://trac.imagemagick.org/changeset/17854

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

http://www.openwall.com/lists/oss-security/2015/02/26/13

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2016/06/06/2

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1195265

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingThird Party Advisory

Timeline

No history available yet.