CVE-2023-3745
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Jul 24, 2023
Updated: Nov 7, 2023
Summary
CVE-2023-3745 is a heap-based buffer overflow vulnerability affecting ImageMagick's PushCharPixel() function in quantum-private.h. A local attacker can exploit this issue by crafting a malicious file that, when opened, triggers an out-of-bounds read error. The error may result in an application crash, leading to a denial of service. The vulnerability can be exploited by tricking the user into opening the specially crafted file, making it a potential security risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share