The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | graphicsmagick | < 1.3.16-1.1 | graphicsmagick_1.3.16-1.1_all.deb |
Debian | 11 | all | graphicsmagick | < 1.3.16-1.1 | graphicsmagick_1.3.16-1.1_all.deb |
Debian | 10 | all | graphicsmagick | < 1.3.16-1.1 | graphicsmagick_1.3.16-1.1_all.deb |
Debian | 999 | all | graphicsmagick | < 1.3.16-1.1 | graphicsmagick_1.3.16-1.1_all.deb |
Debian | 13 | all | graphicsmagick | < 1.3.16-1.1 | graphicsmagick_1.3.16-1.1_all.deb |