ImageMagick is vulnerable to denial of service (DoS) attacks. The library allocates excessive memory in the ReadBMPImage
function of coders/bmp.c
, allowing a malicious user to pass a bmp file to the application to cause memory exhaustion.
CPE | Name | Operator | Version |
---|---|---|---|
imagemagick | le | 6.8.8-9 | |
imagemagick | eq | 6.7.8.9__16.el7_6 | |
imagemagick | eq | 6.7.8.9__15.el7_2 | |
imagemagick | eq | 6.7.8.9__18.el7 |