CVE-2017-9098
Ubuntu Security Notice USN-3302-1
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c.
ImageMagick anterior a versión 7.0.5-2 y GraphicsMagick anterior a versión 1.3.24 usan memoria no inicializada en el decodificador RLE, lo que permite que un atacante filtrar información confidencial del espacio de memoria de proceso, como lo demuestran los ataques remotos contra el código de ImageMagick en un proceso de servidor de larga duración que convierte los datos de imagen en favor de múltiples usuarios. Esto es causado por una falta de pasos de inicialización en la función ReadRLEImage en el archivo coders/rle.c.
It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-05-19 CVE Reserved
- 2017-05-19 CVE Published
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-908: Use of Uninitialized Resource
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/98593 | Third Party Advisory | |
| https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html | Mailing List |
|
| URL | Date | SRC |
|---|---|---|
| https://scarybeastsecurity.blogspot.com/2017/05/bleed-continues-18-byte-file-14k-bounty.html | 2024-08-05 |
| URL | Date | SRC |
|---|---|---|
| http://www.debian.org/security/2017/dsa-3863 | 2021-04-28 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Imagemagick Search vendor "Imagemagick" | Imagemagick Search vendor "Imagemagick" for product "Imagemagick" | < 6.9.8-1 Search vendor "Imagemagick" for product "Imagemagick" and version " < 6.9.8-1" | - |
Affected
| ||||||
| Imagemagick Search vendor "Imagemagick" | Imagemagick Search vendor "Imagemagick" for product "Imagemagick" | >= 7.0.0-0 < 7.0.5-2 Search vendor "Imagemagick" for product "Imagemagick" and version " >= 7.0.0-0 < 7.0.5-2" | - |
Affected
| ||||||
| Graphicsmagick Search vendor "Graphicsmagick" | Graphicsmagick Search vendor "Graphicsmagick" for product "Graphicsmagick" | < 1.3.24 Search vendor "Graphicsmagick" for product "Graphicsmagick" and version " < 1.3.24" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||