RSS   Vulnerabilities for 'Imagemagick'   RSS

2018-01-05
 
CVE-2018-5248

CWE-119
 

 
In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function.

 
 
CVE-2018-5247

CWE-399
 

 
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.

 
 
CVE-2018-5246

CWE-399
 

 
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.

 
 
CVE-2017-18022

CWE-399
 

 
In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.

 
2018-01-03
 
CVE-2017-1000476

CWE-400
 

 
ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.

 
2018-01-02
 
CVE-2017-1000445

CWE-476
 

 
ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service

 
2018-01-01
 
CVE-2017-18008

CWE-399
 

 
In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c.

 
2017-12-27
 
CVE-2017-17934

CWE-399
 

 
ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.

 
 
CVE-2017-17914

CWE-399
 

 
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file.

 
 
CVE-2017-17887

CWE-399
 

 
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which allows attackers to cause a denial of service via a crafted MNG image file that is processed by ReadOneMNGImage.

 


Copyright 2018, cxsecurity.com

 

Back to Top