Due to a missing check for 0 value of replace_extent
, it is possible for offset p
to overflow in SubstituteString(), causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to 7.0.8-68.
[
{
"vendor": "n/a",
"product": "ImageMagick",
"versions": [
{
"version": "ImageMagick 7.0.8-68",
"status": "affected"
}
]
}
]