CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-17541 – ImageMagick: Use after free in ReadICCProfile function in coders/jpeg.c
https://notcve.org/view.php?id=CVE-2019-17541
14 Oct 2019 — ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c. ImageMagick versiones anteriores a 7.0.8-55, presenta una vulnerabilidad de uso de la memoria previamente liberada de la función DestroyStringInfo en el archivo MagickCore/string.c porque el administrador de errores es manejado inapropiadamente en el archivo coders/jpeg.c. ImageMagick is an image display and manipulation tool for the X Window System that can ... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15827 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-16708 – ImageMagick: memory leak in magick/xwindow.c
https://notcve.org/view.php?id=CVE-2019-16708
23 Sep 2019 — ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage. ImageMagick versión 7.0.8-35, presenta una pérdida de memoria en el archivo magick/xwindow.c, relacionada con la función XCreateImage. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or potentially leak sensitive information. Th... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 1CVE-2019-16709 – ImageMagick: memory leak in coders/dps.c
https://notcve.org/view.php?id=CVE-2019-16709
23 Sep 2019 — ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage. ImageMagick versión 7.0.8-35, presenta una pérdida de memoria en el archivo coders/dps.c, como es demostrado mediante la función XCreateImage. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bounds read, out of bounds write, and ... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-16710 – ImageMagick: memory leak in coders/dot.c
https://notcve.org/view.php?id=CVE-2019-16710
23 Sep 2019 — ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c. ImageMagick versión 7.0.8-35, presenta una pérdida de memoria en el archivo coders/dot.c, como es demostrado mediante la función AcquireMagickMemory en archivo MagickCore/memory.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information ... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-16711 – ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c
https://notcve.org/view.php?id=CVE-2019-16711
23 Sep 2019 — ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c. ImageMagick versión 7.0.8-40, presenta una pérdida de memoria en la función Huffman2DEncodeImage en el archivo coders/ps2.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user inv... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2019-16712 – ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c
https://notcve.org/view.php?id=CVE-2019-16712
23 Sep 2019 — ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image. ImageMagick versión 7.0.8-43, presenta una pérdida de memoria en la función Huffman2DEncodeImage en el archivo coders/ps3.c, como es demostrado mediante WritePS3Image. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a d... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 1CVE-2019-16713 – ImageMagick: memory leak in coders/dot.c
https://notcve.org/view.php?id=CVE-2019-16713
23 Sep 2019 — ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c. ImageMagick versión 7.0.8-43, presenta una pérdida de memoria en el archivo coders/dot.c, como es demostrado mediante la función PingImage en el archivo MagickCore/constitut.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, n... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-15139 – ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c
https://notcve.org/view.php?id=CVE-2019-15139
18 Aug 2019 — The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472. El componente de análisis de imagen XWD (archivo de volcado de ventana X Window System) en ImageMagick versión 7.0.8-41 Q16, permite a atacantes causar una denegación de servicio (bloqueo de a... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 1CVE-2019-15140 – ImageMagick: Use after free in ReadMATImage in coders/mat.c
https://notcve.org/view.php?id=CVE-2019-15140
18 Aug 2019 — coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c. El archivo coders/mat.c en ImageMagick versión 7.0.8-43 Q16, permite a atacantes remotos causar una denegación de servicio (uso de memoria previamente liberada y bloqueo de aplicación) o posiblemente tener otro impacto no especificado mediante e... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2019-15141 – ImageMagick: heap-based buffer overflow in WriteTIFFImage in coders/tiff.c
https://notcve.org/view.php?id=CVE-2019-15141
18 Aug 2019 — WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597. En la función WriteTIFFImage en el archivo coders/tiff.c en ImageMagick versión 7.0.8-43 Q16, permite a... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •