CVE-2017-11522

Name of the Vulnerable Software and Affected Versions ImageMagick versions 6.9.9-0 through 6.9.9-0 and 7.0.0 through 7.0.6-1

Description The issue allows remote attackers to cause a denial of service via a crafted file, specifically through a NULL pointer dereference in the WriteOnePNGImage function in coders/png.c.

Recommendations For ImageMagick versions 6.9.9-0 and 7.0.0 through 7.0.6-1, consider disabling the WriteOnePNGImage function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.