coders/mpc.c in ImageMagick prior to 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
imagemagick imagemagick |