7.5

CVE-2014-9854

coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ImagemagickImagemagick Version < 6.9.4-0
OpensuseLeap Version42.1
OpensuseOpensuse Version13.2
SuseLinux Enterprise Server Version11 Updatesp4
CanonicalUbuntu Linux Version12.04 SwEditionlts
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version16.04 SwEditionlts
CanonicalUbuntu Linux Version16.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.66% 0.882
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.openwall.com/lists/oss-security/2016/06/02/13
Patch
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html
Third Party Advisory
http://www.ubuntu.com/usn/USN-3131-1
Third Party Advisory
http://git.imagemagick.org/repos/ImageMagick/commit/7fb9b7e095a65b4528d0180e26574f2bc7cd0e8b
Patch
https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=5ee6f49297c8137cae527429e0267462c14ec3ed
Patch
https://bugzilla.redhat.com/show_bug.cgi?id=1343514
Patch
Third Party Advisory
Issue Tracking