CVE-2020-25667

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.0.9-0

Description The issue arises from the TIFFGetProfiles() function in /coders/tiff.c, which calls strstr() and causes a large out-of-bounds read when searching for dc:format="image/dng" within profile due to improper string handling. This occurs when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of a raw C string to remedy this, potentially impacting the application's availability.

Recommendations For ImageMagick versions prior to 7.0.9-0, update to version 7.0.9-0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the TIFFGetProfiles() function until a patch is applied. Additionally, avoid using crafted input files that could trigger the out-of-bounds read.