NULL Pointer Dereference in AcquireResampleFilterThreadSet in ImageMagick 7.0.7-4

CVE-2017-14739 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors.

Learn more about our Web Application Penetration Testing UK.