Vulnetix
Try Vulnetix Request Demo
CVE-2018-6876 PUBLISHED CVSS 6.5 MEDIUM

The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image.

EPSS 0.55% · 67.6th percentile

Risk Scores

CVSS v3.0
6.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
0.55%
67.6th percentile

Affected Products

VendorProductVersions
imagemagickimagemagick7.0.7-22
n/an/an/a
libfpx_projectlibfpx1.3.1-10

Timeline

References

Open in Interactive Console →