oss-sec mailing list archives
Re: GraphicsMagick CVE request: 8BIM/8BIMW unsigned underflow leads to heap overflow
From: cve-assign () mitre org
Date: Sat, 1 Oct 2016 16:59:47 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Today we received a report from Marco Grassi about a heap overflow in the 8BIM reader. 8BIM is a metadata chunk often attached to JPEG files. After investigation it was found that there was a small unsigned overflow leading to a huge size value, which then resulted in a heap overflow (causing a crash). https://sourceforge.net/p/graphicsmagick/code/ci/5c7b6d6094a25e99c57f8b18343914ebfd8213ef/
coders/meta.c parse8BIM
Use CVE-2016-7800. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJX8CLoAAoJEHb/MwWLVhi25tIQAKwOxW+rmQR3/yYEeOUs12z6 dAu3II8DrfdEIetl+Tqtl3p0+qno6pIcU33e1M58u09xzHaeI1bLbHfajWMLHsHS 89z+9p7NVUh9YTEHmVtrFPtCwa8KLkxDG7FrG3tJ0kANFC5qNFqsQrO3V3X2F6CO Ntj1crMkglIgKdqEyBfHAYVZCz4ViP4khbyIG/jZaD3jDr+tIq0eTT5/Sk3us9dM WTUdlN2ZBx2dPMtDKDnTI76AlDow4qQdpuwuUatjaE1P3NsUA2IoyE1P31s4Sdid Vg4D+IarUiubUg7ZyojpAZl1wvz+wXkh4YO7nwOxUsJ6fNcWeYRNtKGScyqyMOC8 6cPXmHkbbe92mtYDf0aEgwCsWaaFtcByPADn1S50dqN9ABwzN7uKgC6dxE+Ca8Et gv/d/j8uMlZPZsS3Eo3V8U/df7MlTBo/X9Nt5CsNgZvwdcL9j6MN0CBFUXOEAiRZ IZwPFb+YNzoOmhz9WRHqhJC73pcM3h951fZYipRKq/5FnydhhMaKzzqFZbThE4Gz jJS96Mm8o9XEAeU9qntREWrshaot070IXUgnINMG56fllJOOwAWbAFyr7ZHWH6Sc 6ZLAzwMqY+uxYQgMAHmhYyFllrg2mUZC+keMM1Pemci1Iny+GiWx6rXtoEPWqdgr th/lBrPHnXbti+aatzvs =g+mv -----END PGP SIGNATURE-----
Current thread:
- GraphicsMagick CVE request: 8BIM/8BIMW unsigned underflow leads to heap overflow Bob Friesenhahn (Oct 01)
- Re: GraphicsMagick CVE request: 8BIM/8BIMW unsigned underflow leads to heap overflow cve-assign (Oct 01)