CVE-2018-6405
30.01.2018, 21:29
In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| imagemagick | imagemagick | 𝑥 < 6.9.9-35 |
| imagemagick | imagemagick | 7.0.0-0 ≤ 𝑥 < 7.0.7-23 |
| canonical | ubuntu_linux | 14.04 |
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 18.04 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ImageMagick |
| ||||||||||||||||||||||||||||||
| ImageMagick-config-6-SUSE |
| ||||||||||||||||||||||||||||||
| ImageMagick-config-6-upstream |
| ||||||||||||||||||||||||||||||
| libMagick++-6_Q16-3 |
| ||||||||||||||||||||||||||||||
| libMagickCore-6_Q16-1 |
| ||||||||||||||||||||||||||||||
| libMagickCore-6_Q16-1-32bit |
| ||||||||||||||||||||||||||||||
| libMagickWand-6_Q16-1 |
|
Common Weakness Enumeration