CVE-2016-10049

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.4-4

Description The issue is caused by a buffer overflow in the ReadRLEImage function in coders/rle.c. This allows remote attackers to cause a denial of service, such as an application crash, or have other unspecified impact via a crafted RLE file.

Recommendations For versions prior to 6.9.4-4, update to version 6.9.4-4 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the ReadRLEImage function in coders/rle.c until a patch is applied. Restrict access to crafted RLE files to minimize the risk of exploitation.