ImageMagick is vulnerable to an integer Overflow in TIM decoder leading to out of bounds read (32-bit only)
Summary The TIM PSX TIM image parser in ImageMagick contains a critical integer overflow vulnerability in the ReadTIMImage function coders/tim.c. The code reads width and height 16-bit values from the file header and calculates imagesize = 2 width height without checking for overflow. On 32-bit...