Heap-buffer-overflow in function SampleImage() in resize.c #717
Version: ImageMagick 7.0.6-8 Q16 x86_64
A heap buffer overflow vulnerability was found in function SampleImage() in resize.c, which allows attackers to cause a denial of service or remote code execution via a crafted file.
A bug was triggered when converting a file to PDF using ImageMagick; I use the command line
The PoC was at: https://github.com/lifuhao123/feijidepoc/blob/master/1-im2pdf
Note that this issue was found by lifuhao from Aliyun Security Team.