Vulnerabilities > CVE-2017-12876 - Out-of-bounds Write vulnerability in Imagemagick

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
imagemagick
CWE-787
nessus

Summary

Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.

Vulnerable Configurations

Part Description Count
Application
Imagemagick
63

Common Weakness Enumeration (CWE)

Nessus

NASL familyGentoo Local Security Checks
NASL idGENTOO_GLSA-201711-07.NASL
descriptionThe remote host is affected by the vulnerability described in GLSA-201711-07 (ImageMagick: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in ImageMagick. Please review the referenced CVE identifiers for details. Impact : Remote attackers, by enticing a user to process a specially crafted file, could obtain sensitive information, cause a Denial of Service condition, or have other unspecified impacts. Workaround : There is no known workaround at this time.
last seen2020-06-01
modified2020-06-02
plugin id104515
published2017-11-13
reporterThis script is Copyright (C) 2017-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/104515
titleGLSA-201711-07 : ImageMagick: Multiple vulnerabilities