In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file.
References
Configurations
History
No history.
Information
Published : 2017-08-23 03:29
Updated : 2024-02-28 16:04
NVD link : CVE-2017-13133
Mitre link : CVE-2017-13133
CVE.ORG link : CVE-2017-13133
JSON object : View
Products Affected
imagemagick
- imagemagick
CWE
CWE-770
Allocation of Resources Without Limits or Throttling