Excessive Iteration
CVE-2017-11505
Summary
The ReadOneJNGImage function in "coders/png.c" in ImageMagick prior to 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file.
- LOW
- NETWORK
- NONE
- UNCHANGED
- REQUIRED
- NONE
- NONE
- HIGH
CWE-834 - Excessive Iteration
The software performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.
Advisory Timeline
- Published