CVE-2013-4298

{"id": "CVE-2013-4298", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2013-09-10T19:55:11.367", "references": [{"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721273", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/54581", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/54671", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2013/dsa-2750", "source": "secalert@redhat.com"}, {"url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=23921", "tags": ["Exploit"], "source": "secalert@redhat.com"}, {"url": "http://www.imagemagick.org/script/changelog.php", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-1949-1", "source": "secalert@redhat.com"}, {"url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1218248", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "The ReadGIFImage function in coders/gif.c in ImageMagick before 6.7.8-8 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted comment in a GIF image."}, {"lang": "es", "value": "La funci\u00f3n ReadGIFImage en coders/gif.c en ImageMagick anteriores a 6.7.8-8 permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un comentario manipulado en una imagen GIF."}], "lastModified": "2013-09-18T03:29:43.847", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77CFBB8C-B91B-4340-A347-9857CFBD4420", "versionEndIncluding": "6.7.8-7"}, {"criteria": "cpe:2.3:a:imagemagick:imagemagick:6.7.8-0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A6871A6-6D26-4201-BF26-1A2D0EC6595E"}, {"criteria": "cpe:2.3:a:imagemagick:imagemagick:6.7.8-1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF97E3B5-2535-406F-82E9-9FCFA9169B40"}, {"criteria": "cpe:2.3:a:imagemagick:imagemagick:6.7.8-2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E4D9DE0-1AD1-4E68-AF20-A4BC959045F7"}, {"criteria": "cpe:2.3:a:imagemagick:imagemagick:6.7.8-3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5B3F449-3B44-4B91-B8C7-7F4B92728641"}, {"criteria": "cpe:2.3:a:imagemagick:imagemagick:6.7.8-4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24C472AF-B482-4070-B4B1-66E05D0D537B"}, {"criteria": "cpe:2.3:a:imagemagick:imagemagick:6.7.8-5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A876F24-1CBF-4EC2-A2B8-66204B2AD9DA"}, {"criteria": "cpe:2.3:a:imagemagick:imagemagick:6.7.8-6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B943647A-4B39-41A7-B692-57E592ABEE69"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}