← volver
CVE-2017-14989

CVE-2017-14989

EPSS 1.5%
A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a crafted font file, because the FT_Done_Glyph function (from FreeType 2) is called at an incorrect place in the ImageMagick code.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/ImageMagick/ImageMagick/issues/781https://usn.ubuntu.com/3681-1/https://www.debian.org/security/2017/dsa-4032https://www.debian.org/security/2017/dsa-4040