Home CVE Database CVE-2017-14175

CVE-2017-14175

Description

In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop.

Priority: High
CVSS v3: 6.5
Publish Date: Sep 7, 2017
Related ID: --
CVSS v2: Medium
Modified Date: Sep 8, 2017

Find out more about CVE-2017-14175 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

imagemagick

Live chat
Online