CVE-2013-4298

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.7.8-8

Description The issue allows remote attackers to cause a denial of service, resulting in memory corruption and application crash, via a crafted comment in a GIF image. This is due to a problem in the ReadGIFImage function in coders/gif.c.

Recommendations For versions prior to 6.7.8-8, update to version 6.7.8-8 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the ReadGIFImage function until a patch is available. Restrict access to processing GIF images to minimize the risk of exploitation.