Shitianyu-2004

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.13-44 ImageMagick versions prior to 7.1.2-19 Description The viff encoder contains an integer truncation or wraparound issue on 32-bit builds. This can trigger an out of bounds heap write, potentially causing a crash. Recommendations Update to version 6.9.13-44 or later. Update to version 7.1.2-19 or later. As a temporary workaround, consider restricting the use of the viff encoder to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-19 ImageMagick versions prior to 6.9.13-44 Description The -sample operation contains an out-of-bounds read, which occurs when a specific offset is configured via the `sample:offset` define. Recommendations Update to version 7.1.2-19. Update to version 6.9.13-44.

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.13-44 ImageMagick versions prior to 7.1.2-19 Description An integer overflow in the `despeckle()` operation causes a heap buffer overflow on 32-bit builds, resulting in an out-of-bounds write. Recommendations Update to version 6.9.13-44 or later. Update to version 7.1.2-19 or later. As a temporary workaround, consider restricting the use of the `despeckle()` operation.