CVE-2019-15141

WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597.
Configurations

Configuration 1

cpe:2.3:a:imagemagick:imagemagick:7.0.8-43:q16:*:*:*:*:*:*

Information

Published : 2019-08-18 07:15

Updated : 2019-11-15 01:15


NVD link : CVE-2019-15141

Mitre link : CVE-2019-15141

Products Affected
CWE
CWE-125

Out-of-bounds Read