← back
CVE-2017-13132

CVE-2017-13132

EPSS 1.1%
In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data structure in the "dump uncompressed PseudoColor packets" step, which allows attackers to cause a denial of service (assertion failure in WriteBlobStream in MagickCore/blob.c) via a crafted file.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/ImageMagick/ImageMagick/issues/674https://security.gentoo.org/glsa/201711-07http://www.securityfocus.com/bid/100458