GraphicsMagick / Bugs / #358 CVE-2016-2317 - SVG heap/stack buffer overflows

#358 CVE-2016-2317 - SVG heap/stack buffer overflows

Milestone: v1.0_(example)

Status: closed

Owner: Bob Friesenhahn

Labels: None

Priority: 5

Updated: 2016-04-24

Created: 2016-03-20

Creator: Bob Friesenhahn

Private: No

CVE-2016-2317 is regarding buffer overflow issues in the SVG reader found by Gustavo Grieco via fuzz testing. Full details are in the attached tarball.

1 Attachments

CVE-2016-2317.tar.gz

Discussion

Bob Friesenhahn - 2016-03-20

summary: CVE-2016-2317 - SVG SEGV --> CVE-2016-2317 - SVG heap/stack buffer overflows

Description has changed:

Diff:

--- old +++ new @@ -1 +1 @@ -CVE-2016-2317 is regarding segmentation violation issues in the SVG reader found by Gustavo Grieco via fuzz testing. Full details are in the attached tarball. +CVE-2016-2317 is regarding buffer overflow issues in the SVG reader found by Gustavo Grieco via fuzz testing. Full details are in the attached tarball.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Bob Friesenhahn - 2016-03-25

aaphrbkwwe.svg.4495884156523242589 is fixed
aaphrbkwwe.svg.-632425326915265752 is fixed

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Bob Friesenhahn - 2016-04-24

aaphrbkwwe.svg.-1114777018469422437 is fixed

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Bob Friesenhahn - 2016-04-24

status: open --> closed
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

CVE-2016-2317 - SVG heap/stack buffer overflows

Swiss army knife of image processing

Group

Searches

Help

#358 CVE-2016-2317 - SVG heap/stack buffer overflows

Discussion