Heap-based Buffer Over-read Vulnerability in ImageMagick 7.0.8-13 Q16's SVGStripString Function

Heap-based Buffer Over-read Vulnerability in ImageMagick 7.0.8-13 Q16's SVGStripString Function

CVE-2018-18023 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the SVGStripString function of coders/svg.c, which allows attackers to cause a denial of service via a crafted SVG image file.

Learn more about our Web Application Penetration Testing UK.