Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Imagemagick | Imagemagick | * | * |
Libx11 | X.org | * | 1.0.2 (including) |