This was fixed in upstream ImageMagick version 7.1.0-30.
This could potentially cause a denial of service. In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. When ImageMagick processes a crafted pdf file, this could lead to an undefined behaviour or a crash. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned char'. This issue can potentially lead to a denial of service and information disclosure.Īn integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format (TIFF) image to convert it into a PICON file format. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion, potentially leading to a denial of service.Ī heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-accessor.h'. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service.Ī heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file.
If you want to see a complete summary for this CPE, please contact us.Ī heap buffer overflow issue was found in ImageMagick.
0 kommentar(er)
