Zurück zur CVE-Übersicht
CVE-2017-8325
MEDIUM(6.8)AV:N/AC:M/Au:N/C:P/I:P/A:P
Risk Signal Score18/100 — NIEDRIG
- CVSS 6.8 — Mittel
EPSS-Score
3%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
6.8
Technische Schwere
Beschreibung
The iw_process_cols_to_intermediate function in imagew-main.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image.
Referenzen
- https://blogs.gentoo.org/ago/2017/04/27/imageworsener-heap-based-buffer-overflow...
- https://github.com/jsummers/imageworsener/commit/86564051db45b466e5f667111ce00b5...
- https://security.gentoo.org/glsa/201706-06
- https://blogs.gentoo.org/ago/2017/04/27/imageworsener-heap-based-buffer-overflow...
- https://github.com/jsummers/imageworsener/commit/86564051db45b466e5f667111ce00b5...
- https://security.gentoo.org/glsa/201706-06