CVE-2020-25667
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of a raw C string to remedy this. This could cause an impact to availability of the application. This flaw affects ImageMagick versions prior to 7.0.9-0.
La función TIFFGetProfiles() en el archivo /coders/tiff.c llama a la función strstr() lo que causa una gran lectura fuera de límites cuando busca `"dc:format=\"image/dng\"` dentro de "profile" debido al manejo inapropiado de una cadena, cuando un archivo de entrada diseñado es proporcionado a ImageMagick. El parche usa un tipo StringInfo en lugar de una cadena C sin procesar para remediar esto. Esto podría causar un impacto en la disponibilidad de la aplicación. Este fallo afecta a ImageMagick versiones anteriores a 7.0.9- 0
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-09-16 CVE Reserved
- 2020-12-08 CVE Published
- 2023-08-24 EPSS Updated
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-122: Heap-based Buffer Overflow
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1891613 | 2024-08-04 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Imagemagick Search vendor "Imagemagick" | Imagemagick Search vendor "Imagemagick" for product "Imagemagick" | < 6.9.10-69 Search vendor "Imagemagick" for product "Imagemagick" and version " < 6.9.10-69" | - |
Affected
| ||||||
Imagemagick Search vendor "Imagemagick" | Imagemagick Search vendor "Imagemagick" for product "Imagemagick" | >= 7.0.0-0 < 7.0.9-0 Search vendor "Imagemagick" for product "Imagemagick" and version " >= 7.0.0-0 < 7.0.9-0" | - |
Affected
|