Common Vulnerabilities and Exposures assigned an identifier CVE-2007-4985 to the following vulnerability:

ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls.

References:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=596
http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html
http://www.imagemagick.org/script/changelog.php
http://www.securityfocus.com/bid/25764
http://www.frsirt.com/english/advisories/2007/3245
http://www.securitytracker.com/id?1018729
http://secunia.com/advisories/26926
http://xforce.iss.net/xforce/xfdb/36740
Created attachment 241631
backported patch from Jonathan Smith
Reporter changed to security-response-team by request of Jay Turner.