graphicsmagick

2008-08-31

Page content

Vulnerable: 1.1.14-1kalgan1
Unaffected: 1.2.4-1kalgan1

Some vulnerabilities have been reported in GraphicsMagick, which can be exploited by malicious people to cause a DoS (Denial of Service).

Multiple errors exist in the AVI, AVS, DCM, EPT, FITS, MTV, PALM, RLA, and TGA decoders. These can be exploited to trigger crashes, overly large memory allocations, or the execution of infinite loops.
An error within the “GetImageCharacteristics()” function in magick/image.c can be exploited to crash an affected application via specially crafted e.g. PNG, JPEG, BMP, or TIFF files.

Bug Tracker URL: http://bugs.frugalware.org/task/3204

CVEs:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134

comments powered by Disqus