QwikSec

Security Database

CVE

CWE

Training

CVE-2017-14175

Published: Sep 7, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/ImageMagick/ImageMagick/issues/712

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_GENTOO

[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update

mailing-list

x_refsource_MLIST

https://github.com/ImageMagick/ImageMagick/commit/d9a8234d211da30baf9526fbebe9a8438ea7e11c

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.