[Pkg-gmagick-im-team] Bug#832885: CVE-2016-4562
Bastien ROUCARIES
roucaries.bastien at gmail.com
Fri Jul 29 10:04:03 UTC 2016
Package: imagemagick
Version: 8:6.7.7.10-5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-team at lists.alioth.debian.org
The DrawDashPolygon function in MagickCore/draw.c in ImageMagick
before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of
certain vertices integer data, which allows remote attackers to cause
a denial of service (buffer overflow and application crash) or
possibly have unspecified other impact via a crafted file.
More information about the Pkg-gmagick-im-team
mailing list