Short Name |
HTTP:STC:IMAGEMAGIC-ARR-INDEX |
---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
ImageMagick SyncExifProfile Out Of Bounds Array Indexing |
Release Date |
2016/10/25 |
Update Number |
2796 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
A out-of-bounds array indexing vulnerability has been reported in ImageMagick. Successful exploitation could result in arbitrary code execution under the security context of the service using ImageMagick.
MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.