CVE-2014-9854
coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."
| Software | From | Fixed in |
|---|---|---|
| opensuse / leap | 42.1 | 42.1.x |
| suse / linux_enterprise_server | 11-sp4 | 11-sp4.x |
| suse / linux_enterprise_software_development_kit | 11-sp4 | 11-sp4.x |
| opensuse / opensuse | 13.2 | 13.2.x |
| suse / suse_linux_enterprise_server | 12 | 12.x |
| canonical / ubuntu_linux | 16.10 | 16.10.x |
| canonical / ubuntu_linux | 12.04 | 12.04.x |
| canonical / ubuntu_linux | 16.04 | 16.04.x |
| canonical / ubuntu_linux | 14.04 | 14.04.x |
| imagemagick / imagemagick | - | 6.9.4-0 |
- http://git.imagemagick.org/repos/ImageMagick/commit/7fb9b7e095a65b4528d0180e26574f2bc7cd0e8b
- http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.html
- http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html
- http://www.openwall.com/lists/oss-security/2016/06/02/13
- http://www.ubuntu.com/usn/USN-3131-1
- https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=5ee6f49297c8137cae527429e0267462c14ec3ed
- https://bugzilla.redhat.com/show_bug.cgi?id=1343514
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime