Описание
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-17541
- https://github.com/ImageMagick/ImageMagick/issues/1641
- https://github.com/ImageMagick/ImageMagick/commit/39f226a9c137f547e12afde972eeba7551124493
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15827
- https://github.com/ImageMagick/ImageMagick/compare/7.0.8-54...7.0.8-55
Связанные уязвимости
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.
ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo ...
ELSA-2020-1180: ImageMagick security, bug fix, and enhancement update (MODERATE)