oss-sec mailing list archives
Re: imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h)
From: Ian Zimmerman <itz () primate net>
Date: Thu, 8 Dec 2016 12:14:43 -0800
On 2016-10-15 22:45, cve-assign () mitre org wrote:
https://blogs.gentoo.org/ago/2016/10/07/ imagemagick-heap-based-buffer-overflow-in-ispixelmonochrome-pixel-accessor-h/
Use CVE-2016-8678.
Since there seems to be at least a bit of controversy about this, I think a pointer to the upstream issue may be helpful: https://github.com/ImageMagick/ImageMagick/issues/272 -- Please *no* private Cc: on mailing lists and newsgroups Personal signed mail: please _encrypt_ and sign Don't clear-text sign: http://cr.yp.to/smtp/8bitmime.html
Current thread:
- imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h) Agostino Sarubbo (Oct 08)
- Re: imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h) cve-assign (Oct 15)
- Re: imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h) Ian Zimmerman (Dec 08)
- Re: imagemagick: heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h) cve-assign (Oct 15)