The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.
Created ImageMagick tracking bugs for this issue:
Affects: epel-8 [bug 1767814]
Affects: fedora-all [bug 1767813]
Note about GraphicsMagick:
This issue was addressed via upstream commit: http://hg.code.sf.net/p/graphicsmagick/code/rev/5402c5cbd8bd
This patch is not currently part of any GraphicsMagick release yet.
Created GraphicsMagick tracking bugs for this issue:
Affects: epel-all [bug 1770518]
Affects: fedora-all [bug 1770517]
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:1180 https://access.redhat.com/errata/RHSA-2020:1180
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):