Denial of Service Vulnerability in GraphicsMagick's ReadJPEGImage Function

Denial of Service Vulnerability in GraphicsMagick's ReadJPEGImage Function

CVE-2017-11140 · HIGH Severity

AV:N/AC:M/AU:N/C:N/I:N/A:C

The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files.

Learn more about our Web Application Penetration Testing UK.