In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/103526 | Third Party Advisory VDB Entry |
https://lists.debian.org/debian-lts-announce/2018/03/msg00025.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS/ | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS/ | |
https://sourceforge.net/p/graphicsmagick/bugs/554/ | Exploit Issue Tracking Third Party Advisory |
https://www.debian.org/security/2018/dsa-4321 | Third Party Advisory |
Configurations
History
07 Nov 2023, 03:01
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2018-03-25 21:29
Updated : 2023-12-10 12:30
NVD link : CVE-2018-9018
Mitre link : CVE-2018-9018
CVE.ORG link : CVE-2018-9018
JSON object : View
Products Affected
debian
- debian_linux
graphicsmagick
- graphicsmagick
CWE
CWE-369
Divide By Zero