CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2015-8901
https://notcve.org/view.php?id=CVE-2015-8901
ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file. ImageMagick 6.x en versiones anteriores a 6.9.0-5 Beta permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de un archivo MIFF manipulado. • http://trac.imagemagick.org/changeset/17854 http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931 http://www.openwall.com/lists/oss-security/2015/02/26/13 http://www.openwall.com/lists/oss-security/2016/06/06/2 https://bugzilla.redhat.com/show_bug.cgi?id=1195265 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2015-8900
https://notcve.org/view.php?id=CVE-2015-8900
The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file. La función ReadHDRImage en coders/hdr.c en ImageMagick 6.x y 7.x permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de un archivo HDR manipulado. • http://trac.imagemagick.org/changeset/17845 http://trac.imagemagick.org/changeset/17846 http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26929 http://www.openwall.com/lists/oss-security/2015/02/26/13 http://www.openwall.com/lists/oss-security/2016/06/06/2 https://bugzilla.redhat.com/show_bug.cgi?id=1195260 https://github.com/ImageMagick/ImageMagick/commit/97aa7d7cfd2027f6ba7ce42caf8b798541b9cdc6 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2017-5511
https://notcve.org/view.php?id=CVE-2017-5511
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow. Coders/psd.c en ImageMagick permite a los atacantes remotos tener un impacto no especificado al aprovechar un cast impropio, lo que desencadena un desbordamiento de búfer basado en memoria dinámica. • http://www.debian.org/security/2017/dsa-3799 http://www.openwall.com/lists/oss-security/2017/01/16/6 http://www.openwall.com/lists/oss-security/2017/01/17/5 http://www.securityfocus.com/bid/95746 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851374 https://github.com/ImageMagick/ImageMagick/commit/7d65a814ac76bd04760072c33e452371692ee790 https://github.com/ImageMagick/ImageMagick/commit/c8c6a0f123d5e35c173125365c97e2c0fc7eca42 https://github.com/ImageMagick/ImageMagick/issues/347 https://security&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-10144
https://notcve.org/view.php?id=CVE-2016-10144
coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check. coders/ipl.c en ImageMagick permite a los atacantes remotos tener un impacto inespecífico aprovechando un check perdido de malloc. • http://www.debian.org/security/2017/dsa-3799 http://www.openwall.com/lists/oss-security/2017/01/16/6 http://www.openwall.com/lists/oss-security/2017/01/17/5 http://www.securityfocus.com/bid/95750 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851485 https://github.com/ImageMagick/ImageMagick/commit/97566cf2806c0a5a86e884c96831a0c3b1ec6c20 https://security.gentoo.org/glsa/201702-09 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-10145
https://notcve.org/view.php?id=CVE-2016-10145
Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy. Off-by-one error in coders/wpg.c en ImageMagick permite a los atacantes remotos tener un impacto no especificado a través de vectores relacionados con una copia de cadena. • http://www.debian.org/security/2017/dsa-3799 http://www.openwall.com/lists/oss-security/2017/01/16/6 http://www.openwall.com/lists/oss-security/2017/01/17/5 http://www.securityfocus.com/bid/95749 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851483 https://github.com/ImageMagick/ImageMagick/commit/d23beebe7b1179fb75db1e85fbca3100e49593d9 https://security.gentoo.org/glsa/201702-09 • CWE-189: Numeric Errors •