Trace Probe

Name of the Vulnerable Software and Affected Versions: Netwide Assembler (NASM) version 2.13 Description: The issue is a stack-based buffer over-read in the `disasm` function of the `disasm/disasm.c` file. This could allow remote attackers to cause a denial of service or possibly have other unspecified impacts by using a crafted ELF file. Recommendations: For Netwide Assembler (NASM) version 2.13, consider avoiding the use of crafted ELF files until a patch is available. As a temporary workaround, restrict access to the `disasm` function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick version 1.3.28 **Description** The issue is related to a divide-by-zero error in the ReadMNGImage function of coders/png.c. This error can be triggered by remote attackers using a crafted mng file, potentially causing a crash and denial of service. The vulnerability allows an attacker to exploit this flaw and cause the application to crash using a specially crafted image. **Recommendations** For GraphicsMagick version 1.3.28, as a temporary workaround, consider disabling the ReadMNGImage function until a patch is available. Restrict access to the coders/png.c module to minimize the risk of exploitation. Avoid using the ReadMNGImage function with untrusted mng files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.