Launchpad.net

CVE 2017-11540

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c.

See the CVE page on Mitre.org for more details.

References