CVE-2019-15139

Priority
Description
The XWD image (X Window System window dumping file) parsing component in
ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service
(application crash resulting from an out-of-bounds Read) in ReadXWDImage in
coders/xwd.c by crafting a corrupted XWD image file, a different
vulnerability than CVE-2019-11472.
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (8:6.8.9.9-7ubuntu5.15)
Ubuntu 18.04 LTS (Bionic Beaver):released (8:6.9.7.4+dfsg-16ubuntu6.8)
Ubuntu 19.04 (Disco Dingo):released (8:6.9.10.14+dfsg-7ubuntu2.3)
Ubuntu 19.10 (Eoan Ermine):released (8:6.9.10.23+dfsg-2.1ubuntu3.1)
Ubuntu 20.04 (Focal Fossa):released (8:6.9.10.23+dfsg-2.1ubuntu9)
Patches:
Upstream:https://github.com/ImageMagick/ImageMagick6/commit/6d46f0a046a58e7c4567a86ba1b9cb847d5b1968
Upstream:https://github.com/ImageMagick/ImageMagick6/commit/e295b8193a1413a39d5c0b3e18fa7ca952c35cdf
More Information

Updated: 2019-12-05 21:09:58 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)