In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-08-23T03:00:00

Updated: 2024-08-05T18:58:12.525Z

Reserved: 2017-08-22T00:00:00

Link: CVE-2017-13133

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-08-23T03:29:00.253

Modified: 2024-11-21T03:11:00.083

Link: CVE-2017-13133

cve-icon Redhat

Severity : Low

Publid Date: 2017-08-23T00:00:00Z

Links: CVE-2017-13133 - Bugzilla