CVE-2017-13140
6.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability: 2.8 / Impact: 3.6
Source: NVD
Description
In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c allows remote attackers to cause a denial of service (application hang in LockSemaphoreInfo) via a PNG file with a width equal to MAGICK_WIDTH_LIMIT.
Affected (58)
Products: Imagemagick: Imagemagick
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 6.9.9-0 |
References (8)
Source: cve@mitre.org
ExploitPatchThird Party Advisory
Source: cve@mitre.org
ExploitPatchThird Party Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.