[Pkg-gmagick-im-team] Bug#870106: heap buffer overflow in ReadOneMNGImage

Bastien ROUCARIES roucaries.bastien at gmail.com
Sat Jul 29 20:36:38 UTC 2017


Source: imagemagick
Version: 8:6.9.7.4+dfsg-13
Severity: important
Tags: security upstream
X-Debbugs-CC: team at security.debian.org
control: found -1 8:6.8.9.9-5+deb8u8
control: found -1 8:6.8.9.9-5+deb8u9
control: found -1 8:6.7.7.10-5+deb7u14
control: found -1 8:6.7.7.10-5+deb9u1
forwarded: https://github.com/ImageMagick/ImageMagick/issues/542

So a crafted file will cause an x_off[i] out-of-bounds operation vulnerability.

POC: https://github.com/jgj212/poc/blob/master/heap-mng


