ImageMagick DrawDashPolygon Function Denial of Service Vulnerability (CVE-2016-4562)
ImageMagick DrawDashPolygon Function Denial of Service Vulnerability (CVE-2016-4562)
Release date:
Updated on:
Affected Systems:
ImageMagick ImageMagick < 6.9.4-0
ImageMagick ImageMagick 7.x < 7.0.1-2
Description:
CVE (CAN) ID: CVE-2016-4562
ImageMagick is an open-source image viewing and editing tool on Unix/Linux platforms.
ImageMagick <6.9.4-0, 7.x <7.0.1-2, MagickCore/draw. in c, the DrawDashPolygon error processes vertex integer data calculations. By constructing files, remote attackers can exploit this vulnerability to cause DOS.
<* Source: ImageMagick
*>
Suggestion:
Vendor patch:
ImageMagick
-----------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.imagemagick.org/script/changelog.php
Https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950
Use ImageMagick to draw a three-color schematic diagram
In Linux, PHP supports ImageMagick and MagicWandForPHP.
Image Magic with ImageMagick in Linux
Installation of ImageMagick and MagicWand For PHP in Linux
Install ImageMagick and JMagick in Linux
For details about ImageMagick, click here
ImageMagick: click here
This article permanently updates the link address: