oss-sec mailing list archives

Re: GraphicsMagick CVE Request - WPG Reader Issues

From: cve-assign () mitre org
Date: Sat, 8 Oct 2016 11:32:47 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Two security issues have been discovered in the WPG format reader in
GraphicsMagick 1.3.25 (and earlier):

1. In a build with QuantumDepth=8 (the default), there is no check
    that the provided colormap is not larger than 256 entries,
    resulting in potential heap overflow.


Use CVE-2016-7996.

2. The assertion:

    ReferenceBlob: Assertion `blob != (BlobInfo *) NULL' failed.

    is thrown (causing a crash) for some files due to a logic error
    which leads to passing a NULL pointer where a NULL pointer is not
    allowed.


Use CVE-2016-7997.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJX+RAuAAoJEHb/MwWLVhi266kQAJn9lLlFw8Vt4SormBLDwwDK
+GL3m64NYAFDxIvMrtC4OceZbfMN+4MvcHdklyMLUb6Scgf0TngdKZ7AY24hc0P9
NFetcPtjtfYcTDD2Z7yJ0kJgCPdxCkgmerfWin1hrPTlHiqDSSWaJdIzGsCkpMOo
DT+kNIOU1UY+c52F7O189myEDNOVwllkbVW+FiaQao4k1nwIGzrlK0WhoP1wIcne
ohk7K4yogJPosW1lPXsW7jsIbg6gk1Na/9wV/YBy2afg7/CiCwBcnWLd2l2ZqLNS
sgvcY6IC0zua1h7cMLXDzSrRq7nv97TOyMKcfWu2iqNxRXqeIwqkzzbF9ExiuZ6i
PhcSPjmkFe7AedrsiqZA06yOBX96duLw6RDe8t/ngKL5K4ZxAJ5RPfOiGPit/L6B
Xb9i+c7uWG259v3Wz4D31/aOacHndtcCsTuL2s9ZGWbVsMmvw9bU7UFRebII/Qfp
tXkmpt/BoMRshFmMu2SiC3YmDqTyrsZcBQ1luM0KPw3bZ6LITd5kg1M/TYiRvq3P
PMeLpGjWr/g3Boe3vOkt3J2xTV0dG8i50kGffGOe89T+hMx953KU0qkuh/8kpjWa
fO53Z7C9Y44YEIuz5AXJCDbTKabofiZ0jaN5yma9qfkxrJvmXtKXmTEsplC8aoYw
EgvgIM89Lnrq7wmx4BRZ
=tgOH
-----END PGP SIGNATURE-----

Current thread:

GraphicsMagick CVE Request - WPG Reader Issues Bob Friesenhahn (Oct 07)
- Re: GraphicsMagick CVE Request - WPG Reader Issues cve-assign (Oct 08)