Strix
26.1K

CVE-2017-18210

UnknownEPSS 2.64%

Last modified

CVE-2017-18210 is a vulnerability of currently unknown severity. In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked.. EPSS estimates a 2.64% chance of exploitation in the next 30 days.

Description

In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked.

Metrics

EPSS Probability
2.64%

83.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
ImagemagickImagemagick7.0.7-0
ImagemagickImagemagick7.0.7-1
ImagemagickImagemagick7.0.7-2
ImagemagickImagemagick7.0.7-3
ImagemagickImagemagick7.0.7-4
ImagemagickImagemagick7.0.7-5
ImagemagickImagemagick7.0.7-6
ImagemagickImagemagick7.0.7-8
ImagemagickImagemagick7.0.7-9
ImagemagickImagemagick7.0.7-10
ImagemagickImagemagick7.0.7-11
ImagemagickImagemagick7.0.7-12
ImagemagickImagemagick7.0.7-13
ImagemagickImagemagick7.0.7-14
ImagemagickImagemagick7.0.7-15
ImagemagickImagemagick7.0.7-16
ImagemagickImagemagick7.0.7-17
ImagemagickImagemagick7.0.7-18
ImagemagickImagemagick7.0.7-19
ImagemagickImagemagick7.0.7-20
ImagemagickImagemagick7.0.7-21
ImagemagickImagemagick7.0.7-22
ImagemagickImagemagick7.0.7-23
ImagemagickImagemagick7.0.7-24
ImagemagickImagemagick7.0.7-25
ImagemagickImagemagick7.0.7.7

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2017-18210?
In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked.
How severe is CVE-2017-18210?
Severity scoring for CVE-2017-18210 is pending analysis. The EPSS model estimates a 2.64% probability of exploitation in the next 30 days.
How do I fix CVE-2017-18210?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-18210?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST