CVE-2020-27761 – WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation whi …

3 December 2020

Vuln ID: CVE-2020-27761

Published: 2020-12-03 17:15:12Z

Description: WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to `ssize_t` instead to avoid this issue. Red Hat Product Security marked the Severity as Low because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to ImageMagick 7.0.9-0.

Source: NVD.NIST.GOV

Date:

3 December 2020

Categorie(s):

NVD

Tag(s):

NVD

New Bitsight, Moody’s service seeks to bolster cyber risk management23 April 2024
Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)23 April 2024
Nespresso Domain Hijacked in Phishing Attack Targeting Microsoft Logins23 April 2024
End-to-End Encryption Sparks Concerns Among EU Law Enforcement23 April 2024
GAO: Most Biden cybersecurity EO requirements achieved23 April 2024