ImageMagick: Heap Buffer Over-Read in IPTC encoder
Description
When writing an IPTC output file, a malicious input file could cause an out-of-bounds read of a single byte.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A malicious input file causes a one-byte out-of-bounds read in ImageMagick's IPTC encoder when the image is written out in IPTC format, which can disclose memory contents.
Vulnerability
A heap buffer over-read exists in ImageMagick's IPTC encoder, the code path taken when an image is written out as an IPTC file. A specially crafted input file causes the encoder to read one byte past the end of a heap buffer. The affected range recorded for this CVE is Magick.NET < 14.13.1, together with the ImageMagick releases whose native code those Magick.NET builds wrap [2][3].
Exploitation
An attacker exploits this by supplying a malicious image to a user or service that processes it with ImageMagick and writes the result in IPTC format; the trigger is the write, so a pipeline that only reads untrusted input and emits another format does not reach the vulnerable encoder. No authentication or special privileges are required; the attack complexity is low, and user interaction is required only in the sense that the victim (or a service acting for them) must process the crafted file [3].
Impact
Successful exploitation reads one byte beyond a heap buffer. Because the read occurs while the encoder is producing output, that byte may be copied into the IPTC file and so disclosed to whoever receives it; confidentiality is the affected property. Integrity and availability are rated as unaffected [3]: a one-byte over-read rarely crashes a release build, though an AddressSanitizer build will abort on it, which is how such bugs are usually found. The CVSS v3.1 base score is moderate severity [3].
Mitigation
The vulnerability is fixed in Magick.NET 14.13.1 and later, which ships the corrected ImageMagick code [2]; users of ImageMagick directly should move to the upstream release that carries the same fix. Updating is the only complete remedy. Where an immediate update is not possible, stop writing IPTC output from untrusted input, or use ImageMagick's security policy (policy.xml) to withdraw the IPTC coder's write right so the vulnerable encoder cannot be reached.
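The interim policy mitigation, as an added example that is not taken from this page or from the ImageMagick project: a policy.xml fragment showing the default (weak) situation beside the hardened setting. The policy element syntax and the rights values are ImageMagick's standard policy.xml format; the choice of pattern and the surrounding comments are mine, and the file location given in the note below is an assumption that varies by platform.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Added example: ImageMagick policy.xml restricting the IPTC coder.
     Every <policy> line is one rule; rights are read, write, execute,
     or none, combined with "|". -->
<policymap>

  <!-- Weak (default) state: with no coder rule for IPTC, the coder may both
       read and write, so converting untrusted input to IPTC reaches the
       encoder this CVE is in. Spelled out explicitly it would read: -->
  <!-- <policy domain="coder" rights="read|write" pattern="IPTC" /> -->

  <!-- Hardened setting: IPTC may still be read, but any attempt to write
       IPTC output is refused before the encoder runs. -->
  <policy domain="coder" rights="read" pattern="IPTC" />

  <!-- Stricter alternative when IPTC is not needed at all
       (blocks the decoder as well as the encoder). -->
  <!-- <policy domain="coder" rights="none" pattern="IPTC" /> -->

</policymap>
```

Install the file in the ImageMagick configuration directory (for example /etc/ImageMagick-7/policy.xml on many Linux distributions; the exact path is an assumption, check your build), or point the MAGICK_CONFIGURE_PATH environment variable at a directory containing it. Confirm it is loaded with `magick -list policy` (ImageMagick 7) or `convert -list policy` (ImageMagick 6); a conversion to IPTC output should then fail with an "operation not allowed by the security policy" error instead of running the encoder. This narrows exposure to the coder the description names; it does not replace upgrading to the fixed version.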
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
Range: < 14.13.1 (Magick.NET)
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.