Description
The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified other impact via a crafted file.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
Debian DLA |
DLA-1170-1 | graphicsmagick security update |
Debian DLA |
DLA-1456-1 | graphicsmagick security update |
Debian DSA |
DSA-4321-1 | graphicsmagick security update |
EUVD |
EUVD-2017-7740 | The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified other impact via a crafted file. |
Ubuntu USN |
USN-4248-1 | GraphicsMagick vulnerabilities |
References
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-05T20:27:04.219Z
Reserved: 2017-11-05T00:00:00.000Z
Link: CVE-2017-16547
No data.
Status : Modified
Published: 2017-11-06T05:29:00.190
Modified: 2026-06-17T01:09:27.020
Link: CVE-2017-16547
No data.
OpenCVE Enrichment
No data.
Weaknesses
Debian DLA
Debian DSA
EUVD
Ubuntu USN