Lucene search

K
nvd[email protected]NVD:CVE-2017-11527
HistoryJul 23, 2017 - 3:29 a.m.

CVE-2017-11527

2017-07-2303:29:00
CWE-400
web.nvd.nist.gov
1

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

7.3

Confidence

High

EPSS

0.001

Percentile

43.9%

The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.

Affected configurations

NVD
Node
imagemagickimagemagickRange6.9.8-10
OR
imagemagickimagemagickMatch7.0.1-0
OR
imagemagickimagemagickMatch7.0.1-1
OR
imagemagickimagemagickMatch7.0.1-2
OR
imagemagickimagemagickMatch7.0.1-3
OR
imagemagickimagemagickMatch7.0.1-4
OR
imagemagickimagemagickMatch7.0.1-5
OR
imagemagickimagemagickMatch7.0.1-6
OR
imagemagickimagemagickMatch7.0.1-7
OR
imagemagickimagemagickMatch7.0.1-8
OR
imagemagickimagemagickMatch7.0.1-9
OR
imagemagickimagemagickMatch7.0.1-10
OR
imagemagickimagemagickMatch7.0.2-0
OR
imagemagickimagemagickMatch7.0.2-1
OR
imagemagickimagemagickMatch7.0.2-2
OR
imagemagickimagemagickMatch7.0.2-3
OR
imagemagickimagemagickMatch7.0.2-4
OR
imagemagickimagemagickMatch7.0.2-5
OR
imagemagickimagemagickMatch7.0.2-6
OR
imagemagickimagemagickMatch7.0.2-7
OR
imagemagickimagemagickMatch7.0.2-8
OR
imagemagickimagemagickMatch7.0.2-9
OR
imagemagickimagemagickMatch7.0.2-10
OR
imagemagickimagemagickMatch7.0.3-0
OR
imagemagickimagemagickMatch7.0.3-1
OR
imagemagickimagemagickMatch7.0.3-2
OR
imagemagickimagemagickMatch7.0.3-3
OR
imagemagickimagemagickMatch7.0.3-4
OR
imagemagickimagemagickMatch7.0.3-5
OR
imagemagickimagemagickMatch7.0.3-6
OR
imagemagickimagemagickMatch7.0.3-7
OR
imagemagickimagemagickMatch7.0.3-8
OR
imagemagickimagemagickMatch7.0.3-9
OR
imagemagickimagemagickMatch7.0.3-10
OR
imagemagickimagemagickMatch7.0.4-0
OR
imagemagickimagemagickMatch7.0.4-1
OR
imagemagickimagemagickMatch7.0.4-2
OR
imagemagickimagemagickMatch7.0.4-3
OR
imagemagickimagemagickMatch7.0.4-4
OR
imagemagickimagemagickMatch7.0.4-5
OR
imagemagickimagemagickMatch7.0.4-6
OR
imagemagickimagemagickMatch7.0.4-7
OR
imagemagickimagemagickMatch7.0.4-8
OR
imagemagickimagemagickMatch7.0.4-9
OR
imagemagickimagemagickMatch7.0.4-10
OR
imagemagickimagemagickMatch7.0.5-0
OR
imagemagickimagemagickMatch7.0.5-1
OR
imagemagickimagemagickMatch7.0.5-4
OR
imagemagickimagemagickMatch7.0.5-5
OR
imagemagickimagemagickMatch7.0.5-6
OR
imagemagickimagemagickMatch7.0.5-7
OR
imagemagickimagemagickMatch7.0.5-8
OR
imagemagickimagemagickMatch7.0.5-9
OR
imagemagickimagemagickMatch7.0.5-10
OR
imagemagickimagemagickMatch7.0.6-0

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

7.3

Confidence

High

EPSS

0.001

Percentile

43.9%