oss-sec mailing list archives
Re: Re: ImageMagick: CVE-2017-9098: use of uninitialized memory in RLE decoder
From: Solar Designer <solar () openwall com>
Date: Tue, 23 May 2017 09:10:46 +0200
On Mon, May 22, 2017 at 05:58:31PM -0500, Bob Friesenhahn wrote:
> On Mon, 22 May 2017, Thomas Deutschmann wrote:
> > Bob, do you have any PoC you can share with ImageMagick project
> > regarding CVE-2017-6335? Your fix was
> > https://sourceforge.net/p/graphicsmagick/code/ci/6156b4c2992d855ece6079653b3b93c3229fc4b8/
> >
> > I asked ImageMagick project about that issue but they don't know
> > without a PoC, see
> > https://github.com/ImageMagick/ImageMagick/issues/391
>
> I have attached the problematic TIFF file. I don't know if binary
> attachments are accepted by this list.

Small binary attachments (total message size of up to 200 KB including overhead) are accepted, but unfortunately image/tiff was on the mimeremove list, so your attachment didn't get through. I've just removed image/tiff from mimeremove. Please resend (if small enough).

As to why have mimeremove at all: many people use MUAs or/and have signatures that always attach needless files (e.g., a text/html portion linking to a company logo, which is also included). But I guess use of image/tiff for those is very unusual, so there was no good reason to have this MIME type removed.

The current mimeremove is:

application/ms-tnef
text/html
text/x-vcard
image/gif
image/jpeg
image/png

Alexander