ImageMagick Blob.C Off-By-One Buffer Overflow Vulnerability

info
discussion
exploit
solution
references

ImageMagick Blob.C Off-By-One Buffer Overflow Vulnerability

ImageMagick is prone to an off-by-one buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input.

Successfully exploiting this issue allows attackers to execute arbitrary code with the privileges of a user running the application.

Versions prior to ImageMagick 6.3.5-9 are vulnerable.