Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
The product calls free() twice on the same memory address.
Link | Tags |
---|---|
http://www.openwall.com/lists/oss-security/2017/01/16/6 | patch mailing list third party advisory |
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851383 | patch third party advisory issue tracking |
https://security.gentoo.org/glsa/201702-09 | third party advisory vendor advisory |
https://github.com/ImageMagick/ImageMagick/issues/354 | patch third party advisory issue tracking |
http://www.securityfocus.com/bid/95753 | third party advisory vdb entry |
http://www.debian.org/security/2017/dsa-3799 | third party advisory vendor advisory |
http://www.openwall.com/lists/oss-security/2017/01/17/5 | patch mailing list third party advisory |
https://github.com/ImageMagick/ImageMagick/commit/9a069e0f2e027ec5138f998023cf9cb62c04889f | patch vendor advisory |