ID CVE-2014-9848
Summary Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
References
Vulnerable Configurations
  • cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse_project:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*
    cpe:2.3:o:opensuse_project:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*
  • cpe:2.3:o:opensuse_project:suse_linux_enterprise_desktop:12.0:sp2:*:*:*:*:*:*
    cpe:2.3:o:opensuse_project:suse_linux_enterprise_desktop:12.0:sp2:*:*:*:*:*:*
  • cpe:2.3:o:opensuse_project:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*
    cpe:2.3:o:opensuse_project:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*
  • cpe:2.3:o:opensuse_project:suse_linux_enterprise_server:12.0:sp2:*:*:*:*:*:*
    cpe:2.3:o:opensuse_project:suse_linux_enterprise_server:12.0:sp2:*:*:*:*:*:*
  • cpe:2.3:o:opensuse_project:suse_linux_enterprise_server_for_raspberry_pi:12.0:sp2:*:*:*:*:*:*
    cpe:2.3:o:opensuse_project:suse_linux_enterprise_server_for_raspberry_pi:12.0:sp2:*:*:*:*:*:*
  • cpe:2.3:o:opensuse_project:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*
    cpe:2.3:o:opensuse_project:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*
  • cpe:2.3:o:opensuse_project:suse_linux_enterprise_software_development_kit:12.0:sp2:*:*:*:*:*:*
    cpe:2.3:o:opensuse_project:suse_linux_enterprise_software_development_kit:12.0:sp2:*:*:*:*:*:*
  • cpe:2.3:o:opensuse_project:suse_linux_enterprise_workstation_extension:12.0:sp1:*:*:*:*:*:*
    cpe:2.3:o:opensuse_project:suse_linux_enterprise_workstation_extension:12.0:sp1:*:*:*:*:*:*
  • cpe:2.3:o:opensuse_project:suse_linux_enterprise_workstation_extension:12.0:sp2:*:*:*:*:*:*
    cpe:2.3:o:opensuse_project:suse_linux_enterprise_workstation_extension:12.0:sp2:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*
  • cpe:2.3:a:imagemagick:imagemagick:-:*:*:*:*:*:*:*
    cpe:2.3:a:imagemagick:imagemagick:-:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 30-10-2018 - 16:27)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
confirm https://bugzilla.redhat.com/show_bug.cgi?id=1343507
mlist [oss-security] 20160602 Re: ImageMagick CVEs
suse
  • SUSE-SU-2016:1784
  • SUSE-SU-2016:3258
  • openSUSE-SU-2016:1748
  • openSUSE-SU-2016:1833
  • openSUSE-SU-2017:0023
ubuntu USN-3131-1
Last major update 30-10-2018 - 16:27
Published 20-03-2017 - 16:59
Last modified 30-10-2018 - 16:27
Back to Top