vulnerability
Ubuntu: USN-3363-2: ImageMagick regression
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:M/Au:N/C:C/I:C/A:C) | Jul 31, 2017 | Jul 31, 2017 | Feb 19, 2025 |
Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published
Jul 31, 2017
Added
Jul 31, 2017
Modified
Feb 19, 2025
Description
USN-3363-1 fixed vulnerabilities in ImageMagick. The update caused a regression for certain users when processing images. The problematic patch has been reverted pending further investigation.
We apologize for the inconvenience.
Original advisory details:
It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.
Solutions
ubuntu-upgrade-imagemagickubuntu-upgrade-imagemagick-6-q16ubuntu-upgrade-libmagick-5ubuntu-upgrade-libmagick-6-q16-5v5ubuntu-upgrade-libmagickcore-6-q16-2ubuntu-upgrade-libmagickcore5
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.