[Pkg-gmagick-im-team] Bug#832888: CVE-2016-4564
Bastien ROUCARIES
roucaries.bastien at gmail.com
Fri Jul 29 10:09:48 UTC 2016
Package: imagemagick
Version: 8:6.7.7.10-5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-team at lists.alioth.debian.org
The DrawImage function in MagickCore/draw.c in ImageMagick before
6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in
attempting to locate the next token, which allows remote attackers to
cause a denial of service (buffer overflow and application crash) or
possibly have unspecified other impact via a crafted file.
More information about the Pkg-gmagick-im-team
mailing list