WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597.
The product reads data past the end, or before the beginning, of the intended buffer.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Imagemagick | Imagemagick | 7.0.8-43-q16 (including) | 7.0.8-43-q16 (including) |
Red Hat Enterprise Linux 7 | RedHat | autotrace-0:0.31.1-38.el7 | * |
Red Hat Enterprise Linux 7 | RedHat | emacs-1:24.3-23.el7 | * |
Red Hat Enterprise Linux 7 | RedHat | ImageMagick-0:6.9.10.68-3.el7 | * |
Red Hat Enterprise Linux 7 | RedHat | inkscape-0:0.92.2-3.el7 | * |
Imagemagick | Ubuntu | bionic | * |
Imagemagick | Ubuntu | devel | * |
Imagemagick | Ubuntu | disco | * |
Imagemagick | Ubuntu | eoan | * |
Imagemagick | Ubuntu | esm-apps/focal | * |
Imagemagick | Ubuntu | esm-apps/jammy | * |
Imagemagick | Ubuntu | esm-apps/noble | * |
Imagemagick | Ubuntu | focal | * |
Imagemagick | Ubuntu | jammy | * |
Imagemagick | Ubuntu | kinetic | * |
Imagemagick | Ubuntu | lunar | * |
Imagemagick | Ubuntu | mantic | * |
Imagemagick | Ubuntu | noble | * |
Imagemagick | Ubuntu | oracular | * |
Imagemagick | Ubuntu | plucky | * |
Imagemagick | Ubuntu | trusty | * |
Imagemagick | Ubuntu | trusty/esm | * |
Imagemagick | Ubuntu | xenial | * |