Critical severity9.8NVD Advisory· Published Mar 24, 2017· Updated May 13, 2026

CVE-2017-5511

Description

coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.

Affected products

ImageMagick/Imagemagick
cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*
Range: <6.9.7-3
Debian/Debian Linux2 versions
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.openwall.com/lists/oss-security/2017/01/16/6nvdMailing ListPatchThird Party Advisory
www.openwall.com/lists/oss-security/2017/01/17/5nvdMailing ListPatchThird Party Advisory
bugs.debian.org/cgi-bin/bugreport.cginvdIssue TrackingPatchThird Party Advisory
github.com/ImageMagick/ImageMagick/commit/7d65a814ac76bd04760072c33e452371692ee790nvdIssue TrackingPatchThird Party Advisory
github.com/ImageMagick/ImageMagick/commit/c8c6a0f123d5e35c173125365c97e2c0fc7eca42nvdIssue TrackingPatchThird Party Advisory
github.com/ImageMagick/ImageMagick/issues/347nvdIssue TrackingPatchThird Party Advisory
www.debian.org/security/2017/dsa-3799nvdThird Party Advisory
www.securityfocus.com/bid/95746nvdBroken LinkThird Party AdvisoryVDB Entry
security.gentoo.org/glsa/201702-09nvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000