CVE-2008-3134

Name of the Vulnerable Software and Affected Versions: GraphicsMagick versions prior to 1.2.4

Description: The issue allows remote attackers to cause a denial of service, resulting in a crash, infinite loop, or memory consumption, via unspecified vectors in various decoder readers, including AVI, AVS, DCM, EPT, FITS, MTV, PALM, RLA, and TGA. Additionally, the GetImageCharacteristics function in magick/image.c is vulnerable when processing crafted PNG, JPEG, BMP, or TIFF files.

Recommendations: For versions prior to 1.2.4, update to version 1.2.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of the vulnerable decoder readers and the GetImageCharacteristics function until a patch is applied. Avoid processing crafted image files from untrusted sources until the issue is resolved.