ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data.
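
The failure pattern in the description above, as an added example that is not ImageMagick's code: a simplified decoder that stops at a negative value yet reports success, beside a form that clears the buffer and rejects the file. The function names, the comma-separated input and the 'S' fill standing in for stale memory are assumptions made for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical value reader (not ImageMagick code): next integer in the
   text, or -1 if nothing parses; a literal negative also returns < 0. */
static long next_value(const char **p) {
    char *end;
    long v = strtol(*p, &end, 0);
    if (end == *p) return -1;
    *p = (*end == ',') ? end + 1 : end;
    return v;
}

/* "Before" pattern: stops at a negative value yet reports success, so
   the remaining bytes keep whatever the buffer already held. */
int decode_unsafe(const char *src, unsigned char *px, size_t n) {
    for (size_t i = 0; i < n; i++) {
        long v = next_value(&src);
        if (v < 0) break;
        px[i] = (unsigned char)v;
    }
    return 0;
}

/* Hardened pattern: clear the buffer first, fail the whole decode. */
int decode_safe(const char *src, unsigned char *px, size_t n) {
    memset(px, 0, n);
    for (size_t i = 0; i < n; i++) {
        long v = next_value(&src);
        if (v < 0 || v > 0xff) return -1;
        px[i] = (unsigned char)v;
    }
    return 0;
}

/* Constructed input; the 'S' fill models stale data in reused memory.
   Returns how many stale bytes survive in the decoded output. */
size_t stale_bytes(int (*decode)(const char *, unsigned char *, size_t)) {
    unsigned char px[8]; size_t left = 0;
    memset(px, 'S', sizeof px);
    decode("0x01,0x02,-1,0x04", px, sizeof px);
    for (size_t i = 0; i < sizeof px; i++) left += (px[i] == 'S');
    return left;
}

int main(void) {
    printf("stale bytes: unsafe=%zu safe=%zu\n",
           stale_bytes(decode_unsafe), stale_bytes(decode_safe));
}
```

A caller of the hardened form must also check the return value and discard the image on failure, rather than passing the buffer on.
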

CPE

Name | Operator | Version |
---|---|---|
ubuntu_linux | eq | 16.04 |
ubuntu_linux | eq | 18.04 |
ubuntu_linux | eq | 18.10 |
ubuntu_linux | eq | 19.04 |
ubuntu_linux | eq | 14.04 |
imagemagick | eq | < 6.9.10-9 |
imagemagick | eq | >= 7.0.00 AND < 7.0.89 |