PublicDateAtUSN: 2019-05-09
Candidate: CVE-2017-12805
PublicDate: 2019-05-09 16:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12805
 https://ubuntu.com/security/notices/USN-4034-1
Description:
 In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the
 function ReadTIFFImage, which allows attackers to cause a denial of
 service.
Ubuntu-Description:
Notes:
Bugs:
 https://github.com/ImageMagick/ImageMagick/issues/664
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]


Patches_imagemagick:
 upstream: https://github.com/ImageMagick/ImageMagick/commit/5fcb3321ae36c4dda0f460a0defc99b5b4db55ef
 upstream: https://github.com/ImageMagick/ImageMagick6/commit/0701e59f00194897494fa2be74cee8ca626d8f6f
 upstream: https://github.com/ImageMagick/ImageMagick6/commit/9c31c956a1b2d65d0be0636d2eab3cd787897d35
upstream_imagemagick: released (8:6.9.9.34+dfsg-3)
precise/esm_imagemagick: DNE
trusty/esm_imagemagick: DNE
xenial_imagemagick: released (8:6.8.9.9-7ubuntu5.14)
esm-infra/xenial_imagemagick: released (8:6.8.9.9-7ubuntu5.14)
bionic_imagemagick: released (8:6.9.7.4+dfsg-16ubuntu6.7)
cosmic_imagemagick: not-affected (8:6.9.10.8+dfsg-1ubuntu2)
disco_imagemagick: not-affected
devel_imagemagick: not-affected