Stack-based buffer under-read vulnerability in OLEProperty class in libfpx 1.3.1-10

CVE-2018-6876 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image.

Learn more about our Web Application Penetration Testing UK.