cve-2017-11478
Vulnerability from cvelistv5
Published
2017-07-20 16:00
Modified
2024-09-17 02:00
Severity ?
EPSS score ?
Summary
The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826 | Issue Tracking, Patch, Third Party Advisory | |
cve@mitre.org | https://github.com/ImageMagick/ImageMagick/issues/528 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/ImageMagick/ImageMagick/issues/528 | Issue Tracking, Patch, Third Party Advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T18:12:39.949Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/ImageMagick/ImageMagick/issues/528" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-20T16:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/ImageMagick/ImageMagick/issues/528" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-11478", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826", "refsource": "CONFIRM", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826" }, { "name": "https://github.com/ImageMagick/ImageMagick/issues/528", "refsource": "CONFIRM", "url": "https://github.com/ImageMagick/ImageMagick/issues/528" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-11478", "datePublished": "2017-07-20T16:00:00Z", "dateReserved": "2017-07-20T00:00:00Z", "dateUpdated": "2024-09-17T02:00:40.787Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "fkie_nvd": { "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"6.9.9-0\", \"matchCriteriaId\": \"FD50817F-6EB7-477D-B5D9-A7E1B10E5FF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.0-0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B7CCC6B-C66E-48E2-BA1E-CBF6421B4FEB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.1-0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"693C9F8F-A8C1-4D06-8F31-E085E16E701C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.1-1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D3D3DFC-8459-41BA-BF3E-AE84E48FCEE7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.1-2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A3E12EB4-B8F6-43A3-847D-DBC96AE10905\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.1-3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30539421-5872-4C2E-94AE-8A2B05C952C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.1-4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A5B7537-8563-409D-82DE-EB07107D3C04\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.1-5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA648D3C-A464-4F54-8B5E-E8431531FBB5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.1-6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6666BB0-B211-490F-884C-BE410CD19DAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.1-7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5FF2582D-1513-448B-8B61-9C4844B08324\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.1-8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E57E6BA4-A727-4CF5-B15F-76632D02617A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.1-9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C721BC6F-61DD-4ED1-8024-2946C494AEC4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.1-10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD319D32-FE7A-456D-AFEE-DC9F0D98652C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.2-0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09CDF263-38F5-469F-984B-9D9A223159B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.2-1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"243FF3C1-D676-4D5F-A90C-3017DCBBE73A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.2-2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B8BDDE6-6B38-442B-83A4-FAADBAE1C792\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.2-3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DCD89B9-6A69-41DE-BE38-5E9193828279\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.2-4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"139BC277-8E00-4700-8B47-6D3A3CB38B04\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.2-5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0FA2E18-6F7B-49D6-B60C-38851398F9B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.2-6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B7F510A-A439-47A3-AF31-4BF7F74D58A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.2-7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A91B94E3-33BB-46B6-A1AE-EAA9906605CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.2-8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F5B3DE17-08A8-457D-9AEB-BD6E04376B34\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.2-9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98AD438E-28B7-4491-B58F-55FDE7F67CFD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.2-10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E033A09-4F2F-4957-A9A8-5C9E7D90A1CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.3-0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB9B68E7-0E40-437A-A71B-0C078FE76FD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.3-1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"948D5778-AD2A-4293-AE39-A406D75F5678\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.3-2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D391DECE-2408-4A8F-ACE6-F18028C422A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.3-3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC773CB4-0E7B-4D73-AB9C-D7CC98C38BD7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.3-4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24A0C584-9DA3-48B0-B152-67B9E0239876\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.3-5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E42943C5-CC66-4E88-9085-1BD39937C09B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.3-6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E396985D-BE6A-4F4C-B294-FE69724534EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.3-7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1D84944-322C-4B5D-9B1C-587301747A34\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.3-8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B48F5327-CA20-4756-A06F-B30B660E8DA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.3-9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"84C11EC2-C798-4C3B-8E00-9C70C3499B33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.3-10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D30A3BD6-5903-42D6-A1E3-C6D2FE468A1E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.4-0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"441F9FAE-11FA-4976-8BB3-4A3A79B57663\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.4-1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4389D4A-8AD4-421E-AD4D-6761F45B7F6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.4-2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1620AF57-49AF-4487-80A1-07627F50F817\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.4-3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DF373D13-0AB1-4518-AFFE-D09A5F56E992\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.4-4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"86483865-BFC3-4845-80DE-A6AC632A92A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.4-5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A147E12-E5D4-400E-9432-BB5BCF2352CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.4-6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1F2BF9D-9821-424E-8F06-BFB637C103A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.4-7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"26D7231D-442B-4E7C-BCB2-EE8D787FD46D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.4-8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"749B8733-47B0-4F63-874D-62DF323CD045\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.4-9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD9D1C91-B67A-430B-AB24-DCC7DAF69D7C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.4-10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C5BE761-44E8-4614-BBD4-3FA7148156B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.5-0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"79AA4723-3637-4FA7-AE60-9CEE7C535A13\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.5-1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D1F577A-316C-4ECE-91CB-4C15F12CC63B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.5-2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"800A90FA-0B60-4AB7-8061-C9365432C09B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.5-3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77990FE0-5063-455A-BF06-2CD41393E0E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.5-4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68F19A0F-29E9-40A5-B6BB-23C20343CDBE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.5-5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"72A65A02-CD63-4DDD-AFCC-FE6988F85E13\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.5-6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25690796-E494-4D28-BB4F-AAF40D596AC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.5-7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2C0242E-0292-4DF7-A3FC-BE96DA95E7D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.5-8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F853E8E-1ED2-4BDA-BE60-BBE1F658695B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.5-9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"859F0FF1-EAA3-4DAC-A669-0C6B8590576F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.5-10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D7D7BFB-7FE0-4477-AF72-E5BCE1A39FFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.6-0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F56AEC8-473C-4898-A9A8-14E151F3A322\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:imagemagick:imagemagick:7.0.6-1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"72A6252A-35A7-4D74-AF0E-0A7B4B12B146\"}]}]}]", "descriptions": "[{\"lang\": \"en\", \"value\": \"The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n ReadOneDJVUImage en el archivo coders/djvu.c en ImageMagick hasta las versiones 6.9.9-0 y versi\\u00f3n 7.x hasta 7.0.6-1, permite a los atacantes remotos causar una denegaci\\u00f3n de servicio (bucle infinito y consumo de CPU) por medio de una imagen DJVU malformada.\"}]", "id": "CVE-2017-11478", "lastModified": "2024-11-21T03:07:52.087", "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.1, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}", "published": "2017-07-20T16:29:00.177", "references": "[{\"url\": \"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/ImageMagick/ImageMagick/issues/528\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/ImageMagick/ImageMagick/issues/528\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}]", "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-835\"}]}]" }, "nvd": "{\"cve\":{\"id\":\"CVE-2017-11478\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-07-20T16:29:00.177\",\"lastModified\":\"2024-11-21T03:07:52.087\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n ReadOneDJVUImage en el archivo coders/djvu.c en ImageMagick hasta las versiones 6.9.9-0 y versi\u00f3n 7.x hasta 7.0.6-1, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bucle infinito y consumo de CPU) por medio de una imagen DJVU malformada.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:C\",\"baseScore\":7.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-835\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.9.9-0\",\"matchCriteriaId\":\"FD50817F-6EB7-477D-B5D9-A7E1B10E5FF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.0-0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B7CCC6B-C66E-48E2-BA1E-CBF6421B4FEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.1-0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"693C9F8F-A8C1-4D06-8F31-E085E16E701C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.1-1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D3D3DFC-8459-41BA-BF3E-AE84E48FCEE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.1-2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3E12EB4-B8F6-43A3-847D-DBC96AE10905\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.1-3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30539421-5872-4C2E-94AE-8A2B05C952C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.1-4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A5B7537-8563-409D-82DE-EB07107D3C04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.1-5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA648D3C-A464-4F54-8B5E-E8431531FBB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.1-6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6666BB0-B211-490F-884C-BE410CD19DAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.1-7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FF2582D-1513-448B-8B61-9C4844B08324\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.1-8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E57E6BA4-A727-4CF5-B15F-76632D02617A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.1-9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C721BC6F-61DD-4ED1-8024-2946C494AEC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.1-10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD319D32-FE7A-456D-AFEE-DC9F0D98652C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.2-0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09CDF263-38F5-469F-984B-9D9A223159B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.2-1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"243FF3C1-D676-4D5F-A90C-3017DCBBE73A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.2-2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B8BDDE6-6B38-442B-83A4-FAADBAE1C792\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.2-3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DCD89B9-6A69-41DE-BE38-5E9193828279\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.2-4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"139BC277-8E00-4700-8B47-6D3A3CB38B04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.2-5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0FA2E18-6F7B-49D6-B60C-38851398F9B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.2-6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B7F510A-A439-47A3-AF31-4BF7F74D58A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.2-7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A91B94E3-33BB-46B6-A1AE-EAA9906605CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.2-8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5B3DE17-08A8-457D-9AEB-BD6E04376B34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.2-9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98AD438E-28B7-4491-B58F-55FDE7F67CFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.2-10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E033A09-4F2F-4957-A9A8-5C9E7D90A1CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.3-0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB9B68E7-0E40-437A-A71B-0C078FE76FD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.3-1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"948D5778-AD2A-4293-AE39-A406D75F5678\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.3-2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D391DECE-2408-4A8F-ACE6-F18028C422A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.3-3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC773CB4-0E7B-4D73-AB9C-D7CC98C38BD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.3-4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24A0C584-9DA3-48B0-B152-67B9E0239876\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.3-5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E42943C5-CC66-4E88-9085-1BD39937C09B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.3-6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E396985D-BE6A-4F4C-B294-FE69724534EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.3-7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1D84944-322C-4B5D-9B1C-587301747A34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.3-8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B48F5327-CA20-4756-A06F-B30B660E8DA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.3-9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84C11EC2-C798-4C3B-8E00-9C70C3499B33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.3-10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D30A3BD6-5903-42D6-A1E3-C6D2FE468A1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.4-0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"441F9FAE-11FA-4976-8BB3-4A3A79B57663\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.4-1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4389D4A-8AD4-421E-AD4D-6761F45B7F6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.4-2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1620AF57-49AF-4487-80A1-07627F50F817\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.4-3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF373D13-0AB1-4518-AFFE-D09A5F56E992\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.4-4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86483865-BFC3-4845-80DE-A6AC632A92A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.4-5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A147E12-E5D4-400E-9432-BB5BCF2352CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.4-6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1F2BF9D-9821-424E-8F06-BFB637C103A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.4-7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26D7231D-442B-4E7C-BCB2-EE8D787FD46D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.4-8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"749B8733-47B0-4F63-874D-62DF323CD045\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.4-9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD9D1C91-B67A-430B-AB24-DCC7DAF69D7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.4-10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C5BE761-44E8-4614-BBD4-3FA7148156B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.5-0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79AA4723-3637-4FA7-AE60-9CEE7C535A13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.5-1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D1F577A-316C-4ECE-91CB-4C15F12CC63B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.5-2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"800A90FA-0B60-4AB7-8061-C9365432C09B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.5-3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77990FE0-5063-455A-BF06-2CD41393E0E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.5-4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68F19A0F-29E9-40A5-B6BB-23C20343CDBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.5-5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72A65A02-CD63-4DDD-AFCC-FE6988F85E13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.5-6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25690796-E494-4D28-BB4F-AAF40D596AC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.5-7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2C0242E-0292-4DF7-A3FC-BE96DA95E7D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.5-8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F853E8E-1ED2-4BDA-BE60-BBE1F658695B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.5-9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"859F0FF1-EAA3-4DAC-A669-0C6B8590576F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.5-10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D7D7BFB-7FE0-4477-AF72-E5BCE1A39FFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.6-0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F56AEC8-473C-4898-A9A8-14E151F3A322\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:imagemagick:imagemagick:7.0.6-1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72A6252A-35A7-4D74-AF0E-0A7B4B12B146\"}]}]}],\"references\":[{\"url\":\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/ImageMagick/ImageMagick/issues/528\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867826\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/ImageMagick/ImageMagick/issues/528\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.