CVE-2017-14173

moderate-risk
Published 2017-09-07

In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a smaller value than expected. As a result, an infinite loop would occur for a crafted TXT file that claims a very large "max_value" value.

Do I need to act?

~
1.4% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.5/10 Medium
NETWORK / LOW complexity

Affected Products (7)

Affected Vendors

Debian Canonical Imagemagick

References (12)

Patch https://github.com/ImageMagick/ImageMagick/commit/50f54462076648ac2e36c3f58f4dad...
Exploit https://github.com/ImageMagick/ImageMagick/issues/713
Third Party Advisory https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html
Third Party Advisory https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html
Third Party Advisory https://security.gentoo.org/glsa/201711-07
Third Party Advisory https://usn.ubuntu.com/3681-1/
Patch https://github.com/ImageMagick/ImageMagick/commit/50f54462076648ac2e36c3f58f4dad...
Exploit https://github.com/ImageMagick/ImageMagick/issues/713
Third Party Advisory https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html
Third Party Advisory https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html
Third Party Advisory https://security.gentoo.org/glsa/201711-07
Third Party Advisory https://usn.ubuntu.com/3681-1/
42
/ 100
moderate-risk
Severity 24/34 · High
Exploitability 4/34 · Minimal
Exposure 14/34 · Moderate