CVE-2023-3195

Published: Jun 16, 2023

Modified: Dec 3, 2024

PUBLISHED

Description

A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service.

Vendor	Product	Versions
n/a	ImageMagick	affected `Fixed in ImageMagick 6.9.12-26, ImageMagick 7.1.0-11`

Weaknesses (CWE)

CWE-121

References

https://bugzilla.redhat.com/show_bug.cgi?id=2214141

https://www.openwall.com/lists/oss-security/2023/05/29/1

https://github.com/ImageMagick/ImageMagick6/commit/85a370c79afeb45a97842b0959366af5236e9023

https://github.com/ImageMagick/ImageMagick/commit/f620340935777b28fa3f7b0ed7ed6bd86946934c

https://access.redhat.com/security/cve/CVE-2023-3195

FEDORA-2023-27548af422

vendor-advisory

FEDORA-2023-edbdccae2a

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-3195

Description

Affected Products

Weaknesses (CWE)

References