Summary: | <media-gfx/graphicsmagick-1.3.26: stack-based buffer overflow in ReadSCTImage (sct.c) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | graphics+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://blogs.gentoo.org/ago/2016/09/15/graphicsmagick-stack-based-buffer-overflow-in-readsctimage-sct-c/ | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2017-03-27 08:18:48 UTC
CVE ID: CVE-2016-8682 Summary: The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header. Published: 2017-02-15T19:59:00.000Z CVE ID: CVE-2016-8682 Summary: The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header. Published: 2017-02-15T19:59:00.000Z Fix is contained in 1.3.26 source. http://hg.code.sf.net/p/graphicsmagick/code/rev/0a0dfa81906d |