Launchpad CVE tracker

CVE 2019-11472

ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.

Related bugs and status

CVE-2019-11472 (Candidate) is related to these bugs:

Bug #1797647: imagemagick policy.xml typo for EPS files in bionic security update (8:6.9.7.4+dfsg-16ubuntu6.4)

Summary				In	Importance	Status
	1797647	imagemagick policy.xml typo for EPS files in bionic security update (8:6.9.7.4+dfsg-16ubuntu6.4)		imagemagick (Ubuntu)	Undecided	Fix Released

Bug #1923350: FFe: sync/merge imagemagick form unstable

Summary				In	Importance	Status
	1923350	FFe: sync/merge imagemagick form unstable		imagemagick (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2019-11472

References