CVE-2019-15141

Published
View on NVD ↗
CVSS v3
6.5
MEDIUM
CVSS v2
4.3
MEDIUM
Affected
2
PROJECTS

Description

WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597.

ImageMagick/ImageMagick
ImageMagick/ImageMagick
ImageMagick is a free, open-source software suite for creating, editing, converting, and displaying images. It supports 200+ formats and offers powerful command-line tools and APIs for automation, scripting, and integration across platforms.
GitHubGitHub
16.7K
ImageMagick/ImageMagick6
ImageMagick/ImageMagick6
ImageMagick legacy is a free, open-source software suite for creating, editing, converting, and displaying images. It supports 200+ formats and offers powerful command-line tools and APIs for automation, scripting, and integration across platforms.
GitHubGitHub
248