Heap-based Buffer Over-read Vulnerability in ImageMagick 7.0.8-13 Q16's EncodeImage Function in coders/pict.c

CVE-2018-18025 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file.

Learn more about our Web Application Penetration Testing UK.