FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ImageMagick -- denial of service via a crafted font file

Affected packages
		ImageMagick7	<	7.0.7.4
		ImageMagick7-nox11	<	7.0.7.4
		ImageMagick	<=	6.9.8.9_1
		ImageMagick-nox11	<=	6.9.8.9_1

Details

VuXML ID	16fb4f83-a2ab-11e7-9c14-009c02a2ab30
Discovery	2017-09-21
Entry	2017-09-26

MITRE reports:

The ReadCAPTIONImage function in coders/caption.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via a crafted font file.

[source]

References

CVE Name	CVE-2017-14741
URL	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14741
URL	https://github.com/ImageMagick/ImageMagick/commit/7d8e14899c562157c7760a77fc91625a27cb596f
URL	https://github.com/ImageMagick/ImageMagick/commit/bb11d07139efe0f5e4ce0e4afda32abdbe82fa9d
URL	https://github.com/ImageMagick/ImageMagick/issues/771

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.