ALAS-2016-752 ---- GraphicsMagickID: oval:org.secpod.oval:def:1600462 | Date: (C)2016-10-18 (M)2021-06-02 |
Class: PATCH | Family: unix |
A possible heap overflow was discovered in the EscapeParenthesis function .Various issues were found in the processing of SVG files in GraphicsMagick .The TIFF reader had a bug pertaining to use of TIFFGetField when a "count" value is returned. The bug caused a heap read overflow which could allow an untrusted file to crash the software .The Utah RLE reader did not validate that header information was reasonable given the file size and so it could cause huge memory allocations and/or consume huge amounts of CPU, causing a denial of service
Platform: |
Amazon Linux AMI |