Lucene search

[email protected]CVE-2017-13066

HistoryAug 22, 2017 - 6:29 a.m.

CVE-2017-13066

2017-08-2206:29:00

CWE-772

[email protected]

web.nvd.nist.gov

cve-2017-13066

graphicsmagick

memory leak vulnerability

cloneimage

nvd

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

58.5%

JSON

GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c.

CPENameOperatorVersion
graphicsmagick:graphicsmagickgraphicsmagickeq1.3.26

CPE	Name	Operator	Version
graphicsmagick:graphicsmagick	graphicsmagick	eq	1.3.26

References

www.securityfocus.com/bid/100463

sourceforge.net/p/graphicsmagick/bugs/430/

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

58.5%

JSON

Related for CVE-2017-13066

debiancve1 prion1 redhatcve1 alpinelinux1 ubuntucve1 nessus1 openvas1 archlinux1