CVE-2017-15015

Name of the Vulnerable Software and Affected Versions ImageMagick version 7.0.7-0 Q16

Description The issue is related to a NULL pointer dereference in the PDFDelegateMessage component of the ImageMagick console graphic editor, located in coders/pdf.c. This could potentially allow a remote attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations For ImageMagick version 7.0.7-0 Q16, consider disabling the PDFDelegateMessage component in coders/pdf.c as a temporary workaround until a patch is available. Restrict access to the PDFDelegateMessage function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.