Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. The patch fixes the calls by adding 256 to rowbytes. An attacker who is able to supply a specially crafted image could affect availability with a low impact to data integrity. This flaw affects ImageMagick versions prior to 6.9.10-68 and 7.0.8-68.
CVSS Information
N/A
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
Imagemagick Studio ImageMagick::WriteOnePNGImage() 代码问题漏洞
Vulnerability Description
Imagemagick Studio ImageMagick是美国ImageMagick Studio(Imagemagick Studio)公司的一套开源的图像处理软件。该软件可读取、转换或写入多种格式的图片。 ImageMagick 6.9.10-68版本至7.0.8-68版本存在代码问题漏洞,该漏洞源于PNG编码器的WriteOnePNGImage()中。当调用MagickCore quantum-private.h中的PopShortPixel()时,对AcquireVirtualMemory()
CVSS Information
N/A
Vulnerability Type
N/A