Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 19 Feb 2015 22:03:50 -0600
From: Jodie Cunningham <jodie.cunningham@...il.com>
To: oss-security@...ts.openwall.com
Subject: Requesting CVE for ImageMagick DoS

Hi,

I wanted to share four DoS bugs I found via fuzzing with AFL in
ImageMagick, as the maintainer has since corrected them. I'd like to
request the appropriate CVE(s) to cover these DoS bugs:

Date, File ID, ShortDescription, Bug report URL:
1/24/2015 3c1c3e63 HDR file DoS, CPU
 http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26929

1/25/2015 d595506c MIFF file DoS, CPU
 http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931

1/25/2015 c8ad6aba PDB file DoS, CPU
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932

1/25/2015 783d8806 VICAR file DoS, CPU
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26933


Regards,
-Jodie Cunningham

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ