Vulnerability Details CVE-2017-9501
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.2%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
- http://www.securityfocus.com/bid/98943
- https://github.com/ImageMagick/ImageMagick/commit/01843366d6a7b96e22ad7bb67f3df7d9fd4d5d74
- https://github.com/ImageMagick/ImageMagick/issues/491
- http://www.securityfocus.com/bid/98943
- https://github.com/ImageMagick/ImageMagick/commit/01843366d6a7b96e22ad7bb67f3df7d9fd4d5d74
- https://github.com/ImageMagick/ImageMagick/issues/491
Products affected by CVE-2017-9501
-
cpe:2.3:a:imagemagick:imagemagick:7.0.5-7