← voltar
CVE-2017-14989

CVE-2017-14989

EPSS 1.5%
A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a crafted font file, because the FT_Done_Glyph function (from FreeType 2) is called at an incorrect place in the ImageMagick code.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/ImageMagick/ImageMagick/issues/781https://usn.ubuntu.com/3681-1/https://www.debian.org/security/2017/dsa-4032https://www.debian.org/security/2017/dsa-4040