mirror of
https://github.com/0xMarcio/cve.git
synced 2026-02-13 03:02:49 +00:00
888 B
888 B
CVE-2016-5688
Description
The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.
POC
Reference
Github
No PoCs found on GitHub currently.