Headline
CVE-2020-27770: Invalid Bug ID
Due to a missing check for 0 value of replace_extent, it is possible for offset p to overflow in SubstituteString(), causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to 7.0.8-68.
‘1894691?cve=title’ is not a valid bug number nor an alias to a bug.
Please press Back and try again.
Related news
Ubuntu Security Notice 7068-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into processing a specially crafted file, an attacker could exploit this to cause a denial of service or affect the reliability of the system. The vulnerabilities included memory leaks, buffer overflows, and improper handling of pixel data.