CVE-2018-6876

CVE: CVE-2018-6876
Published: 2018-02-09T18:29Z
Vendor: imagemagick
Products: imagemagick
Versions: 7.0.7-22,
Vendor: libfpx_project
Products: libfpx
Versions: 1.3.1-10,
Description Language: en
Description: The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image.
References:
http://www.securityfocus.com/bid/103035
https://github.com/ImageMagick/ImageMagick/issues/973