Medium severity5.5NVD Advisory· Published Mar 20, 2017· Updated Jun 17, 2026
CVE-2014-9845
CVE-2014-9845
Description
The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
27cpe:2.3:a:imagemagick:imagemagick:6.8.8-9:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:imagemagick:imagemagick:6.8.8-9:*:*:*:*:*:*:*
- (no CPE)
- cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse_project:suse_linux_enterprise_debuginfo:11.0:sp4:*:*:*:*:*:*
- cpe:2.3:o:opensuse_project:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*
cpe:2.3:o:opensuse_project:suse_linux_enterprise_server:11.0:sp4:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:opensuse_project:suse_linux_enterprise_server:11.0:sp4:*:*:*:*:*:*
- cpe:2.3:o:opensuse_project:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*
cpe:2.3:o:opensuse_project:suse_linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:opensuse_project:suse_linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*
- cpe:2.3:o:opensuse_project:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*
- cpe:2.3:o:opensuse_project:suse_linux_enterprise_workstation_extension:12.0:sp1:*:*:*:*:*:*
- osv-coords10 versionspkg:rpm/suse/GraphicsMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/GraphicsMagick&distro=SUSE%20Studio%20Onsite%201.3pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP1
< 1.2.5-4.41.1+ 9 more
- (no CPE)range: < 1.2.5-4.41.1
- (no CPE)range: < 1.2.5-4.41.1
- (no CPE)range: < 6.8.8.1-30.2
- (no CPE)range: < 6.4.3.6-7.45.1
- (no CPE)range: < 6.8.8.1-30.2
- (no CPE)range: < 6.4.3.6-7.45.1
- (no CPE)range: < 6.8.8.1-30.2
- (no CPE)range: < 6.4.3.6-7.45.1
- (no CPE)range: < 6.8.8.1-30.2
- (no CPE)range: < 6.8.8.1-30.2
Patches
Vulnerability mechanics
References
12- anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/nvdPatchThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party AdvisoryVDB Entry
- lists.opensuse.org/opensuse-security-announce/2016-07/msg00000.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2016-07/msg00009.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2016-07/msg00010.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2016-08/msg00037.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.htmlnvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2016/06/02/13nvdMailing ListThird Party Advisory
- www.ubuntu.com/usn/USN-3131-1nvdThird Party Advisory
News mentions
0No linked articles in our index yet.