CVE-2017-8765

MEDIUM

Imagemagick - Resource Leak

Title source: rule

Description

The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file.

References (3)

[Issue Tracking, Patch, Third Party Advisory] https://github.com/ImageMagick/ImageMagick/issues/466

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/98688

[Third Party Advisory] http://www.debian.org/security/2017/dsa-3863

Scores

CVSS v3 6.5

EPSS 0.0039

EPSS Percentile 59.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Classification

CWE

CWE-772

Status published

Affected Products (2)

imagemagick/imagemagick

n/a/n/a

Timeline

Published May 04, 2017

Tracked Since Feb 18, 2026