Elfringo

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** The issue is related to the ReadGROUP4Image function in coders/tiff.c, which does not properly handle errors. This can be exploited by a remote attacker to cause a denial of service, resulting in the application crashing, by using a specially crafted file. The problem arises from the function not checking the return value of the fwrite function. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.0.1-10 **Description** The issue concerns the ReadGROUP4Image function in coders/tiff.c, which does not properly check the return value of the fputc function. This allows remote attackers to cause a denial of service (crash) by providing a crafted image file. **Recommendations** For versions prior to 7.0.1-10, update to version 7.0.1-10 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.0.1-10 **Description** The issue exists due to insufficient input validation in the ConcatenateImages function. This allows a remote attacker to cause a denial of service, resulting in the application crashing, by using a specially crafted file. The vulnerability is related to the lack of return value checking for the fputc function. **Recommendations** For versions prior to 7.0.1-10, update to version 7.0.1-10 or later to resolve the issue. As a temporary workaround, consider restricting the use of the ConcatenateImages function until a patch is available.