In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer
overflow in the function WriteXWDImage of coders/xwd.c, which allows remote
attackers to cause a denial of service (application crash) or possibly have
unspecified other impact via a crafted image file.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | graphicsmagick | < 1.3.28-2ubuntu0.1 | UNKNOWN |
ubuntu | 14.04 | noarch | graphicsmagick | < any | UNKNOWN |
ubuntu | 16.04 | noarch | graphicsmagick | < any | UNKNOWN |
hg.graphicsmagick.org/hg/GraphicsMagick/rev/d823d23a474b
launchpad.net/bugs/cve/CVE-2019-11008
nvd.nist.gov/vuln/detail/CVE-2019-11008
security-tracker.debian.org/tracker/CVE-2019-11008
sourceforge.net/p/graphicsmagick/bugs/599/
ubuntu.com/security/notices/USN-4207-1
www.cve.org/CVERecord?id=CVE-2019-11008