Home CVE Database CVE-2017-10928

CVE-2017-10928

Description

In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c.

Priority: MEDIUM
CVSS v3: 8.8
Publish Date: Jul 5, 2017
Related ID: --
CVSS v2: High
Modified Date: Jul 10, 2017

Find out more about CVE-2017-10928 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

imagemagick

Live chat
Online