CVE-2018-6799

CVE: CVE-2018-6799
Published: 2018-02-07T05:29Z
Vendor: graphicsmagick
Products: graphicsmagick
Versions: -, 1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.1, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.1.5, 1.1.6, 1.1.7, 1.1.8, 1.1.9, 1.1.10, 1.1.11, 1.1.12, 1.1.13, 1.1.14, 1.2, 1.2.1, 1.2.2, 1.2.3, 1.2.4, 1.2.5, 1.2.6, 1.2.7, 1.2.18, 1.3, 1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5, 1.3.8, 1.3.9, 1.3.10, 1.3.11, 1.3.12, 1.3.13, 1.3.14, 1.3.15, 1.3.16, 1.3.17, 1.3.18, 1.3.23, 1.3.24, 1.3.25, 1.3.26,
Vendor: debian
Products: debian_linux
Versions: 7.0,
Description Language: en
Description: The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used.
References:
http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/b41e2efce6d3
http://www.securityfocus.com/bid/102981
https://lists.debian.org/debian-lts-announce/2018/02/msg00017.html