CVE-2017-12664

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-12664
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-12664.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-12664
Downstream
Related
Published
2017-08-07T21:29:00Z
Modified
2025-10-15T08:44:48.527100Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage in coders/palm.c.

References

Affected packages

Git / github.com/imagemagick/imagemagick

Affected ranges

Type
GIT
Repo
https://github.com/imagemagick/imagemagick
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
0417cea1b6d72f90bd4f1f573f91e42a8ba66a89

Affected versions

7.*

7.0.1-0
7.0.1-1
7.0.1-10
7.0.1-2
7.0.1-3
7.0.1-4
7.0.1-5
7.0.1-6
7.0.1-7
7.0.1-8
7.0.1-9
7.0.2-0
7.0.2-1
7.0.2-10
7.0.2-2
7.0.2-3
7.0.2-4
7.0.2-5
7.0.2-6
7.0.2-7
7.0.2-8
7.0.2-9
7.0.3-0
7.0.3-1
7.0.3-10
7.0.3-2
7.0.3-3
7.0.3-4
7.0.3-5
7.0.3-6
7.0.3-7
7.0.3-8
7.0.3-9
7.0.4-0
7.0.4-1
7.0.4-10
7.0.4-2
7.0.4-3
7.0.4-4
7.0.4-5
7.0.4-6
7.0.4-7
7.0.4-8
7.0.4-9
7.0.5-0
7.0.5-1
7.0.5-10
7.0.5-2
7.0.5-3
7.0.5-4
7.0.5-5
7.0.5-6
7.0.5-7
7.0.5-8
7.0.5-9
7.0.6-0
7.0.6-1

Database specific

vanir_signatures

[
    {
        "source": "https://github.com/imagemagick/imagemagick/commit/0417cea1b6d72f90bd4f1f573f91e42a8ba66a89",
        "target": {
            "file": "coders/palm.c",
            "function": "WritePALMImage"
        },
        "signature_version": "v1",
        "id": "CVE-2017-12664-08a54fc5",
        "digest": {
            "function_hash": "268890397944643445776299614912252779161",
            "length": 8826.0
        },
        "signature_type": "Function",
        "deprecated": false
    },
    {
        "source": "https://github.com/imagemagick/imagemagick/commit/0417cea1b6d72f90bd4f1f573f91e42a8ba66a89",
        "target": {
            "file": "coders/palm.c"
        },
        "signature_version": "v1",
        "id": "CVE-2017-12664-3b99430f",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "27028221850508511443346567859706319411",
                "20847430396998508284219749416745324574",
                "83312343893162371964250135597168008451",
                "185287209568927643460798951607358273774",
                "91520173979777782469764328008498233822",
                "92317123143364196146589822709405203284",
                "15434025488151369558910213219307358218",
                "321280785588503555595959584946868283430",
                "36335555376097862678073125730627865318",
                "93843135056098139010484449796823042382",
                "20808975688262632894518281620831422160",
                "303110051110672192019747629175091010660",
                "204624570184835082849894880101788981630",
                "18123040693854950007525185748531512123",
                "187998939778020737771087191461201912419",
                "270394346856743764053900171465324886287",
                "339257966458087026848002765682414857804",
                "329129702237335227384461253879180204831",
                "148976310530335927176848097177252763902",
                "156311739231832147480141198139913856626",
                "99548859626787854627513458811637588453",
                "56660467401961805122947738100891801136",
                "102751821475927948484068066456803657326",
                "45533723548575145971477882223590406158",
                "99548859626787854627513458811637588453",
                "56660467401961805122947738100891801136",
                "102751821475927948484068066456803657326",
                "258861572555878227146193633581245083542",
                "313496855728451138886797112302897996804",
                "214251692436244036844505312529518966604",
                "162831303252282143964311154786187000781",
                "217176093599837893812929101913303216615",
                "59087006896481597238819379929095297180",
                "306213325608656479362394534029607699280",
                "62588993146386644120622479066481316075",
                "5092884176207350136537503591224191496",
                "199002595194404176903481832375762518273",
                "169874615717496570473920106405318349436",
                "75240008142063697755823115965933035982",
                "184182745431899743891383763777746604376",
                "197465592143855854694101121320771999751",
                "290448096388430886778852681507856382932",
                "127309246279801750109322623873913297327",
                "259349287272562194891853395290987309775",
                "84435244186211582213781447370496151028",
                "10468386166798086697511990009255902960",
                "214283160671910765884200251264245144049",
                "144287322500602851975879340392540388691",
                "80040328504250372145598288380759311462",
                "234725530993179071157005370334839620959",
                "314029971489323033735878191349911051213",
                "23085298609561243391335773640908306900",
                "232672795353306904858427834712057916931",
                "331658323055419577783730940446655509381",
                "76152473974622779228341451839154111479",
                "75233940676785470847566021606202069828",
                "305399390826937355129978800029567366796",
                "186621237265434293519062714113025780719",
                "38596433710208186624149623074598481270",
                "224180450997522342175707861675073919500",
                "305690710364076892600815937225189530258",
                "39421941357759064702334114925477837971",
                "316753987950408172978356013071373960482",
                "241563218318978072534617645024775517374",
                "25334166178618619627632850423413934572",
                "32304592596104742584590241945658939214"
            ]
        },
        "signature_type": "Line",
        "deprecated": false
    },
    {
        "source": "https://github.com/imagemagick/imagemagick/commit/0417cea1b6d72f90bd4f1f573f91e42a8ba66a89",
        "target": {
            "file": "MagickCore/quantize.c"
        },
        "signature_version": "v1",
        "id": "CVE-2017-12664-b5c67729",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "255975628788243305679715100950074212495",
                "247120854896308759452009715632553163349",
                "302016902240041071996599664287889908761",
                "311101418436283196085578901332836967681",
                "161607520025110915284455668543863179942"
            ]
        },
        "signature_type": "Line",
        "deprecated": false
    },
    {
        "source": "https://github.com/imagemagick/imagemagick/commit/0417cea1b6d72f90bd4f1f573f91e42a8ba66a89",
        "target": {
            "file": "MagickCore/quantize.c",
            "function": "SetGrayscaleImage"
        },
        "signature_version": "v1",
        "id": "CVE-2017-12664-f9a496b7",
        "digest": {
            "function_hash": "15146395443413188855175146896783652872",
            "length": 3787.0
        },
        "signature_type": "Function",
        "deprecated": false
    }
]