3 matches found
Design/Logic Flaw
In IntensityCompare of /magick/quantize.c, there are calls to PixelPacketIntensity which could return overflowed values to the caller when ImageMagick processes a crafted input file. To mitigate this, the patch introduces and uses the ConstrainPixelIntensity function, which forces the pixel...
ImageMagick Input Validation Error Vulnerability
Imagemagick Studio ImageMagick is a suite of open source image processing software from ImageMagick Studio Imagemagick Studio, an American company. The software can read, convert or write images in many formats. A security vulnerability exists in versions prior to ImageMagick 6.9.10-69, which ste...
PT-2019-5863 · Imagemagick +5 · Imagemagick +5
Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 6.9.10-69 Description: The issue is related to the ApplyEvaluateOperator function in the /MagickCore/statistic.c component of ImageMagick, where a size t cast should have been a ssize t cast. This causes...