Heap-based Buffer Over-read Vulnerability in ImageMagick 7.0.8-43 Q16's WritePNGImage Function

Heap-based Buffer Over-read Vulnerability in ImageMagick 7.0.8-43 Q16's WritePNGImage Function

CVE-2019-19949 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.

Learn more about our Web Application Penetration Testing UK.