Denial of Service Vulnerability in ImageMagick 7.0.7-1 Q16

Denial of Service Vulnerability in ImageMagick 7.0.7-1 Q16

CVE-2017-14400 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause a denial of service (NULL pointer dereference in the function GetVirtualPixels in MagickCore/cache.c) via a crafted file.

Learn more about our Web Application Penetration Testing UK.