In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix() function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled by untrusted party.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: php

Published: 2019-05-03T19:28:15.611639Z

Updated: 2024-09-16T17:43:40.554Z

Reserved: 2019-04-09T00:00:00

Link: CVE-2019-11037

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-05-03T20:29:00.420

Modified: 2024-11-21T04:20:25.120

Link: CVE-2019-11037

cve-icon Redhat

Severity : Moderate

Publid Date: 2019-05-04T00:00:00Z

Links: CVE-2019-11037 - Bugzilla