FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ImageMagick -- denial of service via a crafted font file

Affected packages
ImageMagick7 < 7.0.7.4
ImageMagick7-nox11 < 7.0.7.4
ImageMagick <= 6.9.8.9_1
ImageMagick-nox11 <= 6.9.8.9_1

Details

VuXML ID 16fb4f83-a2ab-11e7-9c14-009c02a2ab30
Discovery 2017-09-21
Entry 2017-09-26

MITRE reports:

The ReadCAPTIONImage function in coders/caption.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via a crafted font file.

References

CVE Name CVE-2017-14741
URL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14741
URL https://github.com/ImageMagick/ImageMagick/commit/7d8e14899c562157c7760a77fc91625a27cb596f
URL https://github.com/ImageMagick/ImageMagick/commit/bb11d07139efe0f5e4ce0e4afda32abdbe82fa9d
URL https://github.com/ImageMagick/ImageMagick/issues/771