Denial of Service : ImageMagick Multiple Denial of Service Vulnerabilities-01 (Jan 2017)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.810517

Categoría: Denial of Service

Título: ImageMagick Multiple Denial of Service Vulnerabilities-01 (Jan 2017) - Windows

Resumen: ImageMagick is prone to multiple denial of service vulnerabilities.

Descripción: Summary:
ImageMagick is prone to multiple denial of service vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- A memory-corruption error in 'MagickCore/profile.c' script.

- An use-after-free error 'magick/attribute.c' in script.

Vulnerability Impact:
Successful exploitation will allow
attackers to obtain sensitive information or crash the application,
resulting in a denial-of-service condition.

Affected Software/OS:
ImageMagick versions before 7.0.3-2
on Windows.

Solution:
Upgrade to ImageMagick version
7.0.3-2 or later.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-7799
BugTraq ID: 93264
http://www.securityfocus.com/bid/93264
Debian Security Information: DSA-3726 (Google Search)
http://www.debian.org/security/2016/dsa-3726
https://security.gentoo.org/glsa/201611-21
http://www.openwall.com/lists/oss-security/2016/10/01/6
http://www.openwall.com/lists/oss-security/2016/10/01/4
Common Vulnerability Exposure (CVE) ID: CVE-2016-7906
BugTraq ID: 93271
http://www.securityfocus.com/bid/93271
http://www.openwall.com/lists/oss-security/2016/10/02/3
http://www.openwall.com/lists/oss-security/2016/10/02/1

Copyright Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.810517
Categoría:	Denial of Service
Título:	ImageMagick Multiple Denial of Service Vulnerabilities-01 (Jan 2017) - Windows
Resumen:	ImageMagick is prone to multiple denial of service vulnerabilities.
Descripción:	Summary: ImageMagick is prone to multiple denial of service vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - A memory-corruption error in 'MagickCore/profile.c' script. - An use-after-free error 'magick/attribute.c' in script. Vulnerability Impact: Successful exploitation will allow attackers to obtain sensitive information or crash the application, resulting in a denial-of-service condition. Affected Software/OS: ImageMagick versions before 7.0.3-2 on Windows. Solution: Upgrade to ImageMagick version 7.0.3-2 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-7799 BugTraq ID: 93264 http://www.securityfocus.com/bid/93264 Debian Security Information: DSA-3726 (Google Search) http://www.debian.org/security/2016/dsa-3726 https://security.gentoo.org/glsa/201611-21 http://www.openwall.com/lists/oss-security/2016/10/01/6 http://www.openwall.com/lists/oss-security/2016/10/01/4 Common Vulnerability Exposure (CVE) ID: CVE-2016-7906 BugTraq ID: 93271 http://www.securityfocus.com/bid/93271 http://www.openwall.com/lists/oss-security/2016/10/02/3 http://www.openwall.com/lists/oss-security/2016/10/02/1
Copyright	Copyright (C) 2017 Greenbone AG