CVE-2017-13134 - log back

CVE-2017-13134 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ In ImageMagick 6.9.9.1, 7.0.6.7 and GraphicsMagick before 1.3.27, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file.
References
+ https://github.com/ImageMagick/ImageMagick/issues/670
+ https://github.com/ImageMagick/ImageMagick/commit/5304ae14655a67b9a3db00563fe44d9abd6de4f0
+ http://hg.code.sf.net/p/graphicsmagick/code/rev/1b47e0078e05
Notes