CVE-2017-12937

🗓️ 18 Aug 2017 12:00:00Reported by mitreType

cve

cve🔗 web.nvd.nist.gov👁 109 Views

The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read

Reporter	Title	Published	Views	Family All 44
AlpineLinux	CVE-2017-12937	18 Aug 201712:00	–	alpinelinux
ArchLinux	[ASA-201801-7] graphicsmagick: multiple issues	8 Jan 201800:00	–	archlinux
CNVD	GraphicsMagick Buffer Overflow Vulnerability (CNVD-2017-28586)	21 Aug 201700:00	–	cnvd
Cvelist	CVE-2017-12937	18 Aug 201712:00	–	cvelist
Debian	[SECURITY] [DLA 1082-1] graphicsmagick security update	31 Aug 201720:21	–	debian
Debian	[SECURITY] [DLA 1401-1] graphicsmagick security update	27 Jun 201821:28	–	debian
Debian	[SECURITY] [DSA 4321-1] graphicsmagick security update	16 Oct 201821:57	–	debian
Debian CVE	CVE-2017-12937	18 Aug 201712:00	–	debiancve
Tenable Nessus	Debian DLA-1082-1 : graphicsmagick security update	1 Sep 201700:00	–	nessus
Tenable Nessus	Debian DLA-1401-1 : graphicsmagick security update	28 Jun 201800:00	–	nessus

NVD

Node

graphicsmagick graphicsmagickMatch1.3.26

Node

debian debian_linuxMatch8.0

OR

debian debian_linuxMatch9.0

Source	Link
blogs	www.blogs.gentoo.org/ago/2017/08/05/graphicsmagick-heap-based-buffer-overflow-in-readsunimage-sun-c/
securityfocus	www.securityfocus.com/bid/100442
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/
usn	www.usn.ubuntu.com/4222-1/
debian	www.debian.org/security/2018/dsa-4321
hg	www.hg.code.sf.net/p/graphicsmagick/code/rev/95d00d55e978
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/
lists	www.lists.debian.org/debian-lts-announce/2018/06/msg00009.html

13 May 2026 00:24Current

7.2High risk

Vulners AI Score7.2

CVSS 26.8

CVSS 38.8

EPSS0.00945

cve-2017-12937 readsunimage function coders/sun.c graphicsmagick 1.3.26 heap-based buffer over-read nvd