Bob Friesenhahn

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick version 1.3.26 **Description** The issue is related to an integer underflow in the `ReadPICTImage` function of the GraphicsMagick library, which can lead to excessive memory allocation. This can be exploited by a remote attacker to cause a denial of service. **Recommendations** For GraphicsMagick version 1.3.26, consider restricting the use of the `ReadPICTImage` function in the `coders/pict.c` file until a patch is available. As a temporary workaround, avoid using this function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick version 1.3.26 **Description** The issue is related to a heap overflow in the `WriteRGBImage()` function, which can be exploited by a remote attacker to cause a denial of service. This occurs when processing multiple frames with non-identical widths. **Recommendations** For GraphicsMagick version 1.3.26, consider disabling the `WriteRGBImage()` function until a patch is available to prevent potential exploitation. Restrict access to the coders/rgb.c module to minimize the risk of denial of service attacks. Avoid using the `WriteRGBImage()` function for processing multiple frames with different widths until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick version 1.3.25 **Description** The issue is related to a buffer overflow in the dynamic memory of the coders/tiff.c component of the GraphicsMagick library when processing an RGB TIFF picture. This can be exploited by a remote attacker using a specially crafted image file, potentially leading to a denial of service. The buffer overflow is associated with the QuantumTransferMode. **Recommendations** For GraphicsMagick version 1.3.25, consider restricting the use of the coders/tiff.c component until a patch is available. As a temporary workaround, avoid using the QuantumTransferMode in the affected coders/tiff.c component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick versions 1.3.25 and earlier **Description** The issue is related to the QuantumTransferMode function in GraphicsMagick, which can cause a denial of service due to an out-of-bounds read and application crash. This can be triggered by a small samples per pixel value in a CMYKA TIFF file. The vulnerability is also described as a buffer overflow error that can be exploited using a specially crafted TIFF file. **Recommendations** For versions 1.3.25 and earlier, consider disabling the QuantumTransferMode function as a temporary workaround until a patch is available. Restrict the processing of CMYKA TIFF files to minimize the risk of exploitation. Avoid using the QuantumTransferMode function with untrusted input until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick versions 1.3.25 and earlier **Description** The issue is related to the WPG format reader in GraphicsMagick, which allows remote attackers to cause a denial of service. This can be achieved through vectors related to a ReferenceBlob and a NULL pointer, leading to an assertion failure and crash. The vulnerability is associated with a NULL pointer dereference. **Recommendations** For GraphicsMagick versions 1.3.25 and earlier, consider updating to a newer version to mitigate the risk of exploitation. As a temporary workaround, restrict the use of the WPG format reader until a patch is available.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick versions 1.3.25 and earlier **Description** The issue is related to an integer underflow in the `parse8BIM` function, located in `coders/meta.c`, which can lead to a heap-based buffer overflow. This can be exploited by a remote attacker using a crafted 8BIM chunk, resulting in a denial of service, specifically an application crash. **Recommendations** For GraphicsMagick versions 1.3.25 and earlier, as a temporary workaround, consider disabling the `parse8BIM` function until a patch is available. Restrict access to the `coders/meta.c` module to minimize the risk of exploitation. Avoid using the `parse8BIM` function in the affected GraphicsMagick versions until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick versions 1.3.25 and earlier **Description** The issue is related to a heap-based buffer overflow in the WPG format reader, which can be exploited by remote attackers using a colormap with a large number of entries. This may allow an attacker to cause unspecified impact, potentially including denial of service or execution of arbitrary code. **Recommendations** For GraphicsMagick versions 1.3.25 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.