High severity7.8NVD Advisory· Published Mar 24, 2017· Updated May 13, 2026
CVE-2017-5506
CVE-2017-5506
Description
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
Affected products
3- cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- www.openwall.com/lists/oss-security/2017/01/16/6nvdMailing ListPatchThird Party Advisory
- www.openwall.com/lists/oss-security/2017/01/17/5nvdMailing ListPatchThird Party Advisory
- bugs.debian.org/cgi-bin/bugreport.cginvdIssue TrackingPatchThird Party Advisory
- github.com/ImageMagick/ImageMagick/commit/9a069e0f2e027ec5138f998023cf9cb62c04889fnvdPatchVendor Advisory
- github.com/ImageMagick/ImageMagick/issues/354nvdIssue TrackingPatchThird Party Advisory
- www.debian.org/security/2017/dsa-3799nvdThird Party Advisory
- www.securityfocus.com/bid/95753nvdThird Party AdvisoryVDB Entry
- security.gentoo.org/glsa/201702-09nvdThird Party Advisory
News mentions
0No linked articles in our index yet.