Bingchang Liu

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.0.8-25 **Description** A memory leak exists in the `WritePSDChannel` function in `coders/psd.c`. This issue affects ImageMagick. **Recommendations** For versions prior to 7.0.8-25, update to version 7.0.8-25 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `WritePSDChannel` function in `coders/psd.c` until a patch is available.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.0.8-25 **Description** A memory leak exists in the ReadSIXELImage function in coders/sixel.c. **Recommendations** For versions prior to 7.0.8-25, update to version 7.0.8-25 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.0.8-25 GraphicsMagick versions prior to 1.3.32 **Description** The issue is related to memory management errors in the WritePDFImage function of graphic editors ImageMagick and GraphicsMagick. Exploitation of this issue may allow a remote attacker to execute arbitrary code or cause a denial of service using a specially crafted image. **Recommendations** For ImageMagick versions prior to 7.0.8-25, update to version 7.0.8-25 or later. For GraphicsMagick versions prior to 1.3.32, update to version 1.3.32 or later.

**Name of the Vulnerable Software and Affected Versions** libexif versions 0.6.21 and earlier **Description** The issue is related to an out-of-bounds heap read in the `exif data save data entry` function in `libexif/exif-data.c`, caused by improper length computation of the allocated data of an ExifMnote entry. This can lead to denial-of-service or possibly information disclosure. The vulnerability can be exploited by a remote attacker to gain access to confidential information or cause a denial of service. **Recommendations** For libexif versions 0.6.21 and earlier, consider disabling the `exif data save data entry` function until a patch is available to prevent potential exploitation. Restrict access to sensitive information and ensure proper input validation to minimize the risk of information disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FFmpeg versions 3.0 through 3.3.2 **Description** The issue is related to the `dnxhd decode header` function in `libavcodec/dnxhddec.c`, which allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a crafted DNxHD file. This is due to a buffer overflow vulnerability when reading data. **Recommendations** For FFmpeg versions 3.0 through 3.3.2, consider updating to a version that contains a fix for this issue. As a temporary workaround, consider restricting the use of the `dnxhd decode header` function in `libavcodec/dnxhddec.c` to minimize the risk of exploitation. Avoid using crafted DNxHD files that could trigger the out-of-array access issue.

Name of the Vulnerable Software and Affected Versions: FFmpeg versions 2.4 through 3.3.2 Description: The issue is related to an integer overflow in the `ape decode frame` function in `libavcodec/apedec.c` of the FFmpeg library. This can be exploited by a remote attacker using a specially crafted APE file, potentially leading to a denial of service (out-of-array access and application crash) or other unspecified impacts. The exploitation may allow the attacker to access confidential data, compromise its integrity, or cause a service disruption. Recommendations: For FFmpeg versions 2.4 through 3.3.2, consider updating to a version where this issue is fixed, as using a crafted APE file can lead to a denial of service or other unspecified impacts. As a temporary workaround, consider restricting the use of the `ape decode frame` function in `libavcodec/apedec.c` until a patch is available. Avoid using specially crafted APE files with the affected FFmpeg versions to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** avcodec versions 2.2.x VideoLAN VLC media player versions 2.2.7-x before 2017-06-29 **Description** The issue is caused by an out-of-bounds heap memory write due to calling `memcpy()` with a wrong size. This can lead to a denial of service (application crash) or possibly code execution. The vulnerability can be exploited by a remote attacker to execute arbitrary code or cause a denial of service. **Recommendations** For avcodec version 2.2.x, update to a version released after 2017-06-29 to resolve the issue. For VideoLAN VLC media player version 2.2.7-x, update to a version released after 2017-06-29 to resolve the issue. As a temporary workaround, consider restricting the use of the `avcodec` module until a patch is available.

**Name of the Vulnerable Software and Affected Versions** ghostscript versions prior to 9.21 **Description** The issue is related to a heap-based buffer overflow found in the `jbig2 decode gray scale image` function, which is used for decoding halftone segments in JBIG2 images. A document, such as PostScript or PDF, containing a specially crafted JBIG2 image could trigger a segmentation fault in ghostscript. **Recommendations** For versions prior to 9.21, update to version 9.21 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the `jbig2 decode gray scale image` function until a patch is available. Restrict access to documents with embedded JBIG2 images to minimize the risk of exploitation.