---

CVE-2017-13134 - log back

CVE-2017-13134 created at 25 Sep 2019 19:31:40
Severity	+ Medium
Remote	+ Remote
Type	+ Denial of service
Description	+ In ImageMagick 6.9.9.1, 7.0.6.7 and GraphicsMagick before 1.3.27, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file.
References	+ https://github.com/ImageMagick/ImageMagick/issues/670 + https://github.com/ImageMagick/ImageMagick/commit/5304ae14655a67b9a3db00563fe44d9abd6de4f0 + http://hg.code.sf.net/p/graphicsmagick/code/rev/1b47e0078e05
Notes