Due to a missing check for 0 value of replace_extent
, it is possible for offset p
to overflow in SubstituteString(), causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to 7.0.8-68.
CPE | Name | Operator | Version |
---|---|---|---|
debian_linux | eq | 9.0 | |
imagemagick | eq | < 6.9.10-68 | |
imagemagick | eq | >= 7.0.00 AND < 7.0.868 |