Fluid Attacks Database

Description

A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 13	imagemagick	>=0 <8:6.9.12.98+dfsg1-2	8:6.9.12.98+dfsg1-2
debian 14	imagemagick	>=0 <8:6.9.12.98+dfsg1-2	8:6.9.12.98+dfsg1-2

Aliases

1. CVE-2023-31952. NVD-2023-31953. OSV-DEBIAN-2023-31954. OSV-2023-31955. SECURITY-TRACKER-CVE-2023-3195

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.