CVE-2020-27772

LOW Year: 2020
CVSS v3 Score
3.3
Low
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-190
View all →

Vulnerability Description

A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.

Related Vulnerabilities

CVE-2016-9085

LOW
CVSS:3.3(Low)

Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors.

CWE-1902016

CVE-2018-13053

LOW
CVSS:3.3(Low)

The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.

CWE-1902018

CVE-2019-19004

LOW
CVSS:3.3(Low)

A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.

CWE-1902019

CVE-2019-6753

LOW
CVSS:3.3(Low)

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.3.0.10826. User interaction is required to exploit this vulnerability in that...

CWE-1902019

CVE-2020-11869

LOW
CVSS:3.3(Low)

An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati-2d.c while handling MMIO write ope...

CWE-1902020

CVE-2020-19909

LOW
CVSS:3.3(Low)

Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl user; however, it ma...

CWE-1902020