Description
The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via a malformed WPG image.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
Debian DLA |
DLA-1456-1 | graphicsmagick security update |
Debian DSA |
DSA-4321-1 | graphicsmagick security update |
EUVD |
EUVD-2017-7738 | The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via a malformed WPG image. |
Ubuntu USN |
USN-4248-1 | GraphicsMagick vulnerabilities |
References
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-05T20:27:04.248Z
Reserved: 2017-11-05T00:00:00.000Z
Link: CVE-2017-16545
No data.
Status : Modified
Published: 2017-11-05T22:29:00.167
Modified: 2026-06-17T01:09:26.753
Link: CVE-2017-16545
No data.
OpenCVE Enrichment
No data.
Weaknesses
Debian DLA
Debian DSA
EUVD
Ubuntu USN