The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 8.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file. WriteTHUMBNAILImage function, where an externally controllable value is being used as an index in the process of generating a thumbnail image can also lead to potential Buffer Overflow. Upstream bug: https://github.com/ImageMagick/ImageMagick/issues/705 Upstream patch: https://github.com/ImageMagick/ImageMagick/commit/73e085bd8a77541fb9faf0584951783fdeac97f2 https://github.com/ImageMagick/ImageMagick/commit/457e63263de6f732785608504b6e607799ad3dd5 https://github.com/ImageMagick/ImageMagick/commit/abb9d1322317733b799e8b87b2e346b3038f3260
Created ImageMagick tracking bugs for this issue: Affects: fedora-all [bug 1487715]