CVE-2018-7443
23.02.2018, 22:29
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c).Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| imagemagick | imagemagick | 7.0.7-23:q16 |
| debian | debian_linux | 7.0 |
| canonical | ubuntu_linux | 14.04 |
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 18.04 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ImageMagick |
| ||||||||||||||||||||||||||||||
| ImageMagick-config-6-SUSE |
| ||||||||||||||||||||||||||||||
| ImageMagick-config-6-upstream |
| ||||||||||||||||||||||||||||||
| libMagick++-6_Q16-3 |
| ||||||||||||||||||||||||||||||
| libMagickCore-6_Q16-1 |
| ||||||||||||||||||||||||||||||
| libMagickCore-6_Q16-1-32bit |
| ||||||||||||||||||||||||||||||
| libMagickWand-6_Q16-1 |
|
References