ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage. An attacker can use this to crash the application. Upstream issue: https://github.com/ImageMagick/ImageMagick/issues/872 Upstream patch: https://github.com/ImageMagick/ImageMagick/commit/ce3a586a43a7d13442587eb7f28d129557b6a135
Created ImageMagick tracking bugs for this issue: Affects: fedora-all [bug 1524903]