How severe is CVE-2023-40124?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2023-40124?

This is classified as CWE-125, which is a common weakness in software security.

CVE-2023-40124

MEDIUM Year: 2023

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-125

View all →

Vulnerability Description

In multiple locations, there is a possible cross-user read due to a confused deputy. This could lead to local information disclosure of photos or other images with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2006-5393

MEDIUM

CVSS:5.5(Medium)

Cisco Secure Desktop (CSD) does not require that the ClearPageFileAtShutdown (aka CCE-Winv2.0-407) registry value equals 1, which might allow local users to read certain memory pages that were written...

CWE-1252006

CVE-2014-8355

MEDIUM

CVSS:5.5(Medium)

PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).

CWE-1252014

CVE-2014-8562

MEDIUM

CVSS:5.5(Medium)

DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).

CWE-1252014

CVE-2014-9816

MEDIUM

CVSS:5.5(Medium)

ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file.

CWE-1252014

CVE-2014-9818

MEDIUM

CVSS:5.5(Medium)

ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file.

CWE-1252014

CVE-2014-9844

MEDIUM

CVSS:5.5(Medium)

The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.

CWE-1252014

CVE-2023-40124

Vulnerability Description

Related Vulnerabilities

CVE-2006-5393

CVE-2014-8355

CVE-2014-8562

CVE-2014-9816

CVE-2014-9818

CVE-2014-9844