DNA View

High Severity Vulnerability

This vulnerability has been rated as High severity. Immediate action is recommended.

CVE-2014-9854

High

Low Medium High Critical

7.5

CVSS Score

Published: Mar 17, 2017

Last Modified: Apr 20, 2025

CWE: CWE-399

Vulnerability Description

coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."

CVSS Metrics

Common Vulnerability Scoring System

Vector String:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Known Affected Software

9 configuration(s) from 3 vendor(s)

ubuntu_linux

Version:

14.04

CPE:

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

ubuntu_linux

Version:

16.04

CPE:

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:*:*:*:*

ubuntu_linux

Version:

12.04

CPE:

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*

ubuntu_linux

Version:

16.10

CPE:

cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*

opensuse

Version:

13.2

CPE:

cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

leap

Version:

42.1

CPE:

cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*

suse_linux_enterprise_server

Version:

CPE:

cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp2:*:*:*:*:raspberry_pi:*

linux_enterprise_server

Version:

CPE:

cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:-:*:*:*

linux_enterprise_software_development_kit

Version:

CPE:

cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:-:*:*:*:*:*:*

This vulnerability affects 9 software configuration(s). Ensure you patch all affected systems.

References & Resources

Severity Details

7.5

out of 10.0

High

Weakness Type (CWE)

CWE-399

View CWE Details on MITRE

Key Information

Published Date: March 17, 2017

External Resources

NIST NVD

National Vulnerability Database

MITRE CVE

Official CVE record

CVE Vulnerabilities

Posts & Pages

High Severity Vulnerability

CVE-2014-9854

Vulnerability Description

CVSS Metrics

Known Affected Software

canonical

opensuse

suse

References & Resources

Severity Details

Weakness Type (CWE)

Key Information

External Resources