1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
Candidate: CVE-2017-11530
PublicDate: 2017-07-22
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11530
Description:
The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and
7.x before 7.0.6-1 allows remote attackers to cause a denial of service
(memory consumption) via a crafted file.
Ubuntu-Description:
Notes:
mdeslaur> This is 0236-Memory-exhaustion-in-ReadEPTImage-in-ept.c.patch
Bugs:
https://github.com/ImageMagick/ImageMagick/issues/524
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867821
Priority: medium
Discovered-by:
Assigned-to:
Patches_imagemagick:
upstream: https://github.com/ImageMagick/ImageMagick/commit/eee1829d5908019721972baece1e3a157a897d24
upstream_imagemagick: released (8:6.9.7.4+dfsg-12)
precise/esm_imagemagick: DNE
trusty_imagemagick: released (8:6.7.7.10-6ubuntu3.8)
vivid/ubuntu-core_imagemagick: DNE
xenial_imagemagick: released (8:6.8.9.9-7ubuntu5.8)
yakkety_imagemagick: ignored (reached end-of-life)
zesty_imagemagick: released (8:6.9.7.4+dfsg-3ubuntu1.2)
devel_imagemagick: not-affected (8:6.9.7.4+dfsg-12ubuntu1)
|