CVE-2018-18024

Sažetak

In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.

Reference

https://github.com/ImageMagick/ImageMagick/issues/1337
https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html
https://usn.ubuntu.com/4034-1/

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

19-08-2020 - 02:15

Objavljeno

07-10-2018 - 18:29