Infinite Loop Vulnerability in ImageMagick 7.0.7-12 Q16's ReadPSDChannelZip Function

Infinite Loop Vulnerability in ImageMagick 7.0.7-12 Q16's ReadPSDChannelZip Function

CVE-2017-17681 · HIGH Severity

AV:N/AC:M/AU:N/C:N/I:N/A:C

In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file.

Learn more about our Web Application Penetration Testing UK.