GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted MIFF format file with the verbose flag.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-11-01T15:00:00
Updated: 2024-08-05T20:20:05.614Z
Reserved: 2017-11-01T00:00:00
Link: CVE-2017-16352
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-11-01T15:29:00.197
Modified: 2024-11-21T03:16:18.790
Link: CVE-2017-16352
Redhat