Successfully exploiting these issues may allow an attacker to gain access to sensitive information, bypass certain security restrictions and to perform unauthorized actions or cause a denial-of-service condition. This may aid in launching further attacks. Due to the nature of this issue, code execution may be possible but this has not been confirmed.
ImageMagick version 7.0.8-34 is vulnerable; other versions may also be affected.
- ImageMagick Homepage (ImageMagick)
- Memory leak in function ReadPCLImage #1520 (ImageMagick)
- Null pointer deference in function ReadPANGOImage in coders/pango.c #1515 (ImageMagick)
- Possible but rare memory leak in function WriteDPXImage #1517 (ImageMagick)
- Use-of-uninitialized-value in function ReadPANGOImage #1519 (ImageMagick)
- Use-of-uninitialized-value in function SyncImageSettings. #1522 (ImageMagick)
- Use-of-uninitialized-value in function WriteJP2Image #1518 (ImageMagick)