Valve: ImageMagick GIF coder vulnerability leading to memory disclosure

ID H1:315256
Type hackerone
Reporter alyssa_herrera
Modified 2018-07-02T23:44:08


Due to CVE-2017-15277, portions of server memory on some steamcommunity web servers could be leaked via image updates. An attacker would not be able to control what memory would be returned, but system information could be obtained. I was able to arbitrarily disclose server memory on due to CVE-2017-15277.