QwikSec

Security Database

CVE

CWE

Training

CVE-2017-14739

Published: Sep 26, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/ImageMagick/ImageMagick/issues/780

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

[debian-lts-announce] 20190514 [SECURITY] [DLA 1785-1] imagemagick security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20200907 [SECURITY] [DLA 2366-1] imagemagick security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.