Marcograsso

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.3-2 **Description** The issue is related to a use-after-free error in the `magick/attribute.c` function of ImageMagick, which can be exploited by remote attackers using a crafted file, leading to a denial of service. This error occurs due to improper memory management, where memory is accessed after it has been freed. **Recommendations** For ImageMagick version 7.0.3-2, consider updating to a newer version that addresses this issue, as using a crafted file can cause a denial of service due to the use-after-free error in the `magick/attribute.c` function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.0.3-2 **Description** The issue is related to a function in MagickCore/profile.c that allows remote attackers to cause a denial of service due to an out-of-bounds read via a crafted file. This can be exploited by an attacker to disrupt service. **Recommendations** For versions prior to 7.0.3-2, update to version 7.0.3-2 or later to resolve the issue. As a temporary workaround, consider restricting access to crafted files that could exploit this issue until a patch is applied.