Zyy89

#18725 of 53,634
14.3 CVSS total
Vulnerabilities · 2
Medium: 1
High: 1
PT-2017-11669
5.5
2017-07-07
Imagemagick · Imagemagick · CVE-2017-10995
**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.6-0

**Description** The issue allows remote attackers to cause a denial of service, resulting in a heap-based buffer over-read and application crash, via a crafted MNG image. This is due to a problem in the `mng_get_long` function in `coders/png.c`.

**Recommendations** For ImageMagick version 7.0.6-0, consider updating to a newer version that addresses this issue, as the current version is affected by a denial of service vulnerability.
PT-2017-11614
8.8
2017-07-05
Imagemagick · Imagemagick · CVE-2017-10928
**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.6-0

**Description** A heap-based buffer over-read in the `GetNextToken` function allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the `GetUserSpaceCoordinateValue` function.

**Recommendations** For ImageMagick version 7.0.6-0, consider updating to a newer version that contains a fix for this issue, as using a crafted SVG document can lead to sensitive information disclosure.