Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ImageMagick affected by stack corruption through long morphology kernel names or arrays
Vulnerability Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow exists in ImageMagick's morphology kernel parsing functions. User-controlled kernel strings exceeding a buffer are copied into fixed-size stack buffers via memcpy without bounds checking, resulting in stack corruption. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
ImageMagick 安全漏洞
Vulnerability Description
ImageMagick是ImageMagick开源的一套开源的图像处理软件。可读取、转换或写入多种格式的图片。 ImageMagick 7.1.2-16之前版本和6.9.13-41之前版本存在安全漏洞,该漏洞源于形态学内核解析函数存在栈缓冲区溢出,可能导致栈损坏。
CVSS Information
N/A
Vulnerability Type
N/A