imagemagick is vulnerable to denial of service. A use-after-free in DestroyStringInfo
in MagickCore/string.c
caused by a mishandling of the error manager in coders/jpeg.c
allows an attacker to crash the application from a heap-based buffer overflow, and potentially execute arbitrary code in the system.
CPE | Name | Operator | Version |
---|---|---|---|
imagemagick | le | 6.8.8-9 |