CVE-2017-18272

Name of the Vulnerable Software and Affected Versions: ImageMagick version 7.0.7-16 Q16 x86 64

Description: The issue is related to a use-after-free in the ReadOneMNGImage function in coders/png.c. This allows attackers to cause a denial of service via a crafted MNG image file that is mishandled in an MngInfoDiscardObject call.

Recommendations: For ImageMagick version 7.0.7-16 Q16 x86 64, consider updating to a newer version that contains a fix for this issue. As a temporary workaround, avoid using the ReadOneMNGImage function until a patch is available. Restrict access to handling MNG image files to minimize the risk of exploitation.