CVE-2017-11540CVE-2017-11540

Affected configuration(s):

cpe:/a:imagemagick:imagemagick:7.0.6-1

Date published: 2017-07-22T23:29:00.797-04:00

Date last modified: 2017-07-28T10:17:08.870-04:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://www.securityfocus.com/bid/99929

Summary: When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.