Red Hat Bugzilla – Bug 1004648
CVE-2013-4298 ImageMagick: One-byte heap-based buffer overflow when decoding certain GIF images
Last modified: 2016-03-04 07:55:50 EST
A heap-based buffer overflow was reported in ImageMagick when decoding certain GIF images with specially crafted blocks. A remote attacker could provide a specially crafted GIF image format file that, when processed by ImageMagick, would lead to a crash or, potentially, arbitrary code execution.
Looking at the source, it seems like this flaw was introduced by the following commit:
Versions of ImageMagick shipped with rhel-5, rhel-6, rhel-7 and Fedora are not vulnerable.
Not Vulnerable. This issue does not affect the version of ImageMagick as shipped with Red Hat Enterprise Linux 5 and 6.
This issue does not affect the version of ImageMagick as shipped with Fedora 18 and Fedora 19.