SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Sample Queries

Paid content will be excluded from the download.

Download | Alert*

OVAL

[3.6] graphicsmagick: Use-after-free in CloseBlob (CVE-2017-11403)

ID: oval:org.secpod.oval:def:1800450	Date: (C)2018-03-28 (M)2023-12-20
Class: PATCH	Family: unix

The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file.

Platform:

Alpine Linux 3.6

Product:

graphicsmagick

Reference:

cpe:/o:alpinelinux:alpine_linux:3.6
cpe:/a:graphicsmagick:graphicsmagick
cpe:/a:graphicsmagick:graphicsmagick:1.3.26


30479



423868



248392



909



195452



282