The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.
[
{
"id": "CVE-2017-11448-994d6970",
"target": {
"file": "coders/jpeg.c"
},
"digest": {
"line_hashes": [
"288340643851083288068732422050688800702",
"181053126738692830530665237417963593398",
"43169221445519691339275548518117328776",
"249197958644992025781095410143706291273"
],
"threshold": 0.9
},
"signature_version": "v1",
"deprecated": false,
"signature_type": "Line",
"source": "https://github.com/imagemagick/imagemagick/commit/f6463ca9588579633bbaed9460899d892aa3c64a"
},
{
"id": "CVE-2017-11448-d626b4af",
"target": {
"function": "ReadJPEGImage",
"file": "coders/jpeg.c"
},
"digest": {
"length": 12820.0,
"function_hash": "71821617886458479043669353458635460276"
},
"signature_version": "v1",
"deprecated": false,
"signature_type": "Function",
"source": "https://github.com/imagemagick/imagemagick/commit/f6463ca9588579633bbaed9460899d892aa3c64a"
}
]