Date: Sun, 1 May 2016 16:54:10 +0200 From: Gustavo Grieco <gustavo.grieco@...il.com> To: oss-security@...ts.openwall.com Subject: CVE request: DoS in multiple versions of GraphicsMagick We recently tested GraphicsMagick with our tool and found two issues that causes DoS: * Infinite loop caused by converting a circularly defined svg file. * Arithmetic exception converting a svg file caused by a X%0 operation in magick/render.c:3800 (long) (y-fill_pattern->tile_info.y) % fill_pattern->rows, Reproducers for both issues are attached. They are triggered by converting a svg to another format. Identification is not affected. These issues affect 1.3.18 and 1.3.23. Most likely other versions are vulnerable too. Regards, Gustavo Content of type "text/html" skipped Download attachment "circular.svg" of type "image/svg+xml" (6285 bytes) Download attachment "sigfpe.svg" of type "image/svg+xml" (1450 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ