High Severity Vulnerability
This vulnerability has been rated as High severity. Immediate action is recommended.
CVE-2014-9848
High
Low
Medium
High
Critical
7.5
CVSS Score
Vulnerability Description
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
N
Attack Complexity
L
Privileges Required
N
User Interaction
N
Scope
U
Confidentiality
N
Integrity
N
Availability
H
Known Affected Software
12 configuration(s) from 3 vendor(s)
ubuntu_linux
Version:
14.04
CPE:
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
ubuntu_linux
Version:
16.04
CPE:
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:*:*:*:*
ubuntu_linux
Version:
12.04
CPE:
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
ubuntu_linux
Version:
16.10
CPE:
cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*
opensuse
Version:
13.2
CPE:
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
leap
Version:
42.2
CPE:
cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
suse_linux_enterprise_server
Version:
12.0
CPE:
cpe:2.3:o:opensuse_project:suse_linux_enterprise_server:12.0:sp2:*:*:*:*:*:*
suse_linux_enterprise_desktop
Version:
12.0
CPE:
cpe:2.3:o:opensuse_project:suse_linux_enterprise_desktop:12.0:sp2:*:*:*:*:*:*
suse_linux_enterprise_workstation_extension
Version:
12.0
CPE:
cpe:2.3:o:opensuse_project:suse_linux_enterprise_workstation_extension:12.0:sp2:*:*:*:*:*:*
suse_linux_enterprise_server_for_raspberry_pi
Version:
12.0
CPE:
cpe:2.3:o:opensuse_project:suse_linux_enterprise_server_for_raspberry_pi:12.0:sp2:*:*:*:*:*:*
suse_linux_enterprise_software_development_kit
Version:
12.0
CPE:
cpe:2.3:o:opensuse_project:suse_linux_enterprise_software_development_kit:12.0:sp2:*:*:*:*:*:*
leap
Version:
42.1
CPE:
cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*
This vulnerability affects 12 software configuration(s). Ensure you patch all affected systems.
References & Resources
-
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00093.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00006.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2016/06/02/13cve@mitre.org Mailing List Third Party Advisory
-
http://www.ubuntu.com/usn/USN-3131-1cve@mitre.org Third Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1343507cve@mitre.org Issue Tracking Patch Third Party Advisory VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00093.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00006.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2016/06/02/13af854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://www.ubuntu.com/usn/USN-3131-1af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1343507af854a3a-2127-422b-91ae-364da2661108 Issue Tracking Patch Third Party Advisory VDB Entry
Severity Details
7.5
out of 10.0
High
Key Information
- Published Date
- March 20, 2017
