CVE-2017-12876 — Out-of-bounds Write in Imagemagick

Severity

6.5MEDIUMNVD

EPSS

0.5%

top 35.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedAug 28

Latest updateMay 13

Description

Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

▶NVDimagemagick/imagemagick7.0.0-0 — 7.0.6-6

GHSA

GHSA-rp9x-q47m-wg87: Heap-based buffer overflow in enhance↗2022-05-13

▶

Red Hat

ImageMagick: Heap-based buffer overflow in enhance.c↗2017-08-10

▶

Debian

CVE-2017-12876: imagemagick - Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows rem...↗2017

▶

Bugzilla

CVE-2017-12876 ImageMagick: Heap-based buffer overflow in enhance.c↗2017-08-31

▶