CVE-2017-13777

Source
Severity Medium
Remote Yes
Type Denial of service
Description
GraphicsMagick before 1.3.27 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it.
Group Package Affected Fixed Severity Status Ticket
AVG-355 graphicsmagick 1.3.26-3 1.3.27-1 High Fixed
Date Advisory Group Package Severity Description
08 Jan 2018 ASA-201801-7 AVG-355 graphicsmagick High multiple issues
References
http://openwall.com/lists/oss-security/2017/08/31/1
http://hg.code.sf.net/p/graphicsmagick/code/rev/233a720bfd5e