Heap-based Buffer Overflow in GraphicsMagick 1.3.26's DescribeImage() Function
CVE-2017-16352 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted MIFF format file with the verbose flag.
Learn more about our Web Application Penetration Testing UK.