PT-2008-2695 · Imagemagick+2

Published: 2008-03-05 · Updated: 2024-06-15 · CVE-2008-1097

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

ImageMagick versions 6.2.4-5 through 6.2.8-0
GraphicsMagick version 1.1.7

Description

The issue is a heap-based buffer overflow in the ReadPCXImage function of the PCX coder. A crafted .pcx file can trigger it: the coder allocates memory incorrectly for the scanline array, which results in memory corruption. This could cause a denial of service or potentially allow the execution of arbitrary code.

Recommendations

For ImageMagick versions 6.2.4-5 through 6.2.8-0, update to a version that fixes the issue in the ReadPCXImage function.
For GraphicsMagick version 1.1.7, update to a version that fixes the issue in the ReadPCXImage function.
As a temporary workaround, consider disabling the use of the PCX coder in affected versions until a patch is available.

Exploit

Fix

DoS

Weakness Enumeration

Related Identifiers

CVE-2008-1097
DSA-1858-1
OPENSUSE-SU-2024:10596-1
RHSA-2008:0145
RHSA-2008:0165
RHSA-2008_0145

Affected Products

Graphicsmagick
Imagemagick
Red Hat