CVE-2007-4987

Published: 24 September 2007

Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address.

Priority

Medium

Status

Package Release Status
graphicsmagick
Launchpad, Ubuntu, Debian
Upstream Not vulnerable

imagemagick
Launchpad, Ubuntu, Debian
Upstream
Released (6.3.5-9)