CVE-2017-14325

Name of the Vulnerable Software and Affected Versions ImageMagick version 7.0.7-1 Q16

Description A memory leak issue was discovered in the PersistPixelCache function in magick/cache.c, which can lead to a denial of service due to memory consumption in the ReadMPCImage function in coders/mpc.c. This can be triggered by a crafted file, potentially allowing remote attackers to cause a denial of service.

Recommendations For ImageMagick version 7.0.7-1 Q16, consider disabling the PersistPixelCache function as a temporary workaround until a patch is available. Restrict access to the ReadMPCImage function in coders/mpc.c to minimize the risk of exploitation. Avoid using crafted files that may trigger the memory leak issue until the problem is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.