CVE-2017-16547 : The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not prop

The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified other impact via a crafted file.

Published 2017-11-06 05:29:00

Updated 2018-10-18 10:29:15

Source MITRE

View at NVD, CVE.org

Vulnerability category: Input validationDenial of service

Products affected by CVE-2017-16547

Graphicsmagick » Graphicsmagick » Version: 1.3.26
cpe:2.3:a:graphicsmagick:graphicsmagick:1.3.26:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2017-16547

EPSS FAQ

0.91%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 74 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2017-16547

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
8.8	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H	2.8	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2017-16547

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2017-16547

https://usn.ubuntu.com/4248-1/

USN-4248-1: GraphicsMagick vulnerabilities | Ubuntu security notices | Ubuntu

CVEs referencing this url
https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html

[SECURITY] [DLA 1456-1] graphicsmagick security update

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/

[SECURITY] Fedora 30 Update: GraphicsMagick-1.3.32-1.fc30 - package-announce - Fedora Mailing-Lists

CVEs referencing this url
http://hg.code.sf.net/p/graphicsmagick/code/rev/785758bbbfcc

Mercurial Repository: p/graphicsmagick/code: changeset 15243:785758bbbfcc
Patch;Third Party Advisory;Vendor Advisory
https://lists.debian.org/debian-lts-announce/2017/11/msg00016.html

[SECURITY] [DLA 1170-1] graphicsmagick security update

CVEs referencing this url
https://sourceforge.net/p/graphicsmagick/bugs/517/

GraphicsMagick / Bugs / #517 Push operations in DrawImage can lead to negative strncpy when looking for pop
Issue Tracking;Patch;Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/

[SECURITY] Fedora 29 Update: GraphicsMagick-1.3.32-1.fc29 - package-announce - Fedora Mailing-Lists

CVEs referencing this url
https://www.debian.org/security/2018/dsa-4321

Debian -- Security Information -- DSA-4321-1 graphicsmagick

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2017-16547

Products affected by CVE-2017-16547

Exploit prediction scoring system (EPSS) score for CVE-2017-16547

CVSS scores for CVE-2017-16547

CWE ids for CVE-2017-16547

References for CVE-2017-16547