Home CVE Database CVE-2017-14174

CVE-2017-14174

Description

In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large length field in the header but does not contain sufficient backing data, is provided, the loop over length would consume huge CPU resources, since there is no EOF check inside the loop.

Priority: High
CVSS v3: 6.5
Publish Date: Sep 7, 2017
Related ID: --
CVSS v2: Medium
Modified Date: Sep 8, 2017

Find out more about CVE-2017-14174 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

imagemagick

Live chat
Online