Memory Leak Vulnerability in ImageMagick 7.0.7-4 Q16's ReadVIPSImage Function

Memory Leak Vulnerability in ImageMagick 7.0.7-4 Q16's ReadVIPSImage Function

CVE-2017-14684 · HIGH Severity

AV:N/AC:M/AU:N/C:N/I:N/A:C

In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service (memory consumption in ResizeMagickMemory in MagickCore/memory.c) via a crafted file.

Learn more about our Web Application Penetration Testing UK.