ImageMagick is vulnerable to denial of service (DoS) via a buffer overflow, and to other attacks. The flaw is in the ReadRLEImage function in coders/rle.c and can be triggered using an RLE file.
CPE

Name | Operator | Version |
---|---|---|
imagemagick | le | 6.8.8-9 |
seclists.org/oss-sec/2016/q4/758
www.openwall.com/lists/oss-security/2016/12/26/9
www.securityfocus.com/bid/95180
bugzilla.redhat.com/show_bug.cgi?id=1410452
github.com/ImageMagick/ImageMagick/commit/13db820f5e24cd993ee554e99377fea02a904e18
github.com/ImageMagick/ImageMagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4
www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29710