Heap-based Buffer Over-read in WritePNMImage Function of ImageMagick 7.0.8-40 Q16

Heap-based Buffer Over-read in WritePNMImage Function of ImageMagick 7.0.8-40 Q16

CVE-2019-11598 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:P

In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.

Learn more about our Web Application Penetration Testing UK.