Intrusion Prevention

GraphicsMagick.ReadWMFImage.Function.Memory.Corruption

Description

This indicates an attack attempt against a Memory Corruption vulnerability in GraphicsMagick.
The vulnerability is caused by an error when ReadWMFImage function handles a malformed WMF file. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted WMF file.

Affected Products

GraphicsMagick 1.3.26

Impact

System Compromise: Remote attacker can gain control of vulnerable systems.

Recommended Actions

Apply patch, available from the web site.
http://hg.code.sf.net/p/graphicsmagick/code/rev/be898b7c97bd

CVE References

CVE-2017-12936