The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.
References
Link | Resource |
---|---|
http://www.debian.org/security/2016/dsa-3746 | |
http://www.openwall.com/lists/oss-security/2016/10/07/4 | Mailing List Patch Third Party Advisory |
http://www.openwall.com/lists/oss-security/2016/10/08/5 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/93467 | Third Party Advisory VDB Entry |
Configurations
History
No history.
Information
Published : 2017-01-18 17:59
Updated : 2024-02-04 19:11
NVD link : CVE-2016-7997
Mitre link : CVE-2016-7997
CVE.ORG link : CVE-2016-7997
JSON object : View
Products Affected
graphicsmagick
- graphicsmagick
CWE
CWE-476
NULL Pointer Dereference