ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.
CPE | Name | Operator | Version |
---|---|---|---|
ubuntu_linux | eq | 16.04 | |
ubuntu_linux | eq | 18.04 | |
ubuntu_linux | eq | 19.04 | |
ubuntu_linux | eq | 19.10 | |
debian_linux | eq | 8.0 | |
debian_linux | eq | 9.0 | |
debian_linux | eq | 10.0 | |
imagemagick | eq | 7.0.8-50 q16 | |
leap | eq | 15.0 | |
leap | eq | 15.1 |
lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html
github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc
github.com/ImageMagick/ImageMagick/issues/1608
github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953
lists.debian.org/debian-lts-announce/2019/08/msg00021.html
lists.debian.org/debian-lts-announce/2020/08/msg00030.html
usn.ubuntu.com/4192-1/
www.debian.org/security/2020/dsa-4712