Launchpad CVE tracker

CVE 2018-16413

ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function.

Related bugs and status

CVE-2018-16413 (Candidate) is related to these bugs:

Bug #1797647: imagemagick policy.xml typo for EPS files in bionic security update (8:6.9.7.4+dfsg-16ubuntu6.4)

Summary				In	Importance	Status
	1797647	imagemagick policy.xml typo for EPS files in bionic security update (8:6.9.7.4+dfsg-16ubuntu6.4)		imagemagick (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2018-16413

References