CVE-2020-25667

Description

TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for dc:format=image/dng within profile due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of a raw C string to remedy this. This could cause an impact to availability of the application. This flaw affects ImageMagick versions prior to 7.0.9-0.

Risk Information

Base Score

5.5

MODERATE

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS Score

Exploitation Probability

0.108

Associated Vulnerability

Vulnerability	OS Platform
Multiple Vulnerabilities are affected in Imagemagic (x64) 7.0.9	Windows
Multiple Vulnerabilities are affected in Imagemagic 7.0.9	Windows
Multiple Vulnerabilities are affected in ImageMagick 7.0.9	Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234