ImageMagick CVE-2019-9956 Stack Buffer Overflow Vulnerability

ImageMagick is prone to a stack-based buffer-overflow vulnerability.

Attackers can exploit this issue to run arbitrary code within the context of the affected application. Failed exploit attempts may result in denial-of-service conditions.
ImageMagick 7.0.8-35 Q16 is vulnerable; other versions may also be affected.

Information

Bugtraq ID: 107546
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2019-9956

Remote: Yes
Local: No
Published: Mar 23 2019 12:00AM
Updated: Mar 23 2019 12:00AM
Credit: galycannon
Vulnerable: ImageMagick ImageMagick 7.0.8-35 Q16

Not Vulnerable:

Exploit

The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.

References:

stack-buffer-overflow in PopHexPixel of ps.c #1523 (ImageMagick)
ImageMagick Homepage (ImageMagick)

Source: www.securityfocus.com

Exploit Collector

Search Exploit