CVE-2017-16547 - log back

CVE-2017-16547 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ The DrawImage function in magick/render.c in GraphicsMagick before 1.3.27 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified other impact via a crafted file.
References
+ https://sourceforge.net/p/graphicsmagick/bugs/517/
+ http://hg.code.sf.net/p/graphicsmagick/code/rev/785758bbbfcc
Notes