5.5

CVE-2017-10800

When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GraphicsmagickGraphicsmagick Version1.3.25
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.24% 0.652
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource.

https://www.debian.org/security/2018/dsa-4321
http://hg.code.sf.net/p/graphicsmagick/code/rev/e5761e3a2012
Patch
Third Party Advisory
http://www.securityfocus.com/bid/99356
Third Party Advisory
VDB Entry