CVE-2023-34474

Updated: 2023-11-07 19:48:20.294858

Description:

A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the user into opening a specially crafted file, triggering an out-of-bounds read error that causes the application to crash, resulting in a denial of service.


Links: NIST, CIRCL, RHEL, Ubuntu

Severity

|                  | Severity | Score |
|------------------|----------|-------|
| CVSS Version 2.x |          | 0     |
| CVSS Version 3.x | MEDIUM   | 5.5   |

Status

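| OS name          | Project name | Version   | Score | Severity | Status         | Errata | Last updated        |
|------------------|--------------|-----------|-------|----------|----------------|--------|---------------------|
| CentOS 7 ELS     | imagemagick  | 6.9.10.68 | 5.5   | MEDIUM   | Ignored        |        | 2024-04-08 14:08:52 |
| Ubuntu 16.04 ELS | imagemagick  | 6.8.9.9-7 | 5.5   | MEDIUM   | Not Vulnerable |        | 2024-05-09 10:18:35 |
| Ubuntu 18.04 ELS | imagemagick  | 6.9.7.4   | 5.5   | MEDIUM   | Ignored        |        | 2023-06-27 03:33:07 |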