Page 11 of 65 results (0.009 seconds)

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2017-13064

https://notcve.org/view.php?id=CVE-2017-13064

GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12. GraphicsMagick 1.3.26 tiene una vulnerabilidad de desbordamiento de búfer basado en montículos en la función GetStyleTokens en coders/svg.c:311:12. • http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a http://www.securityfocus.com/bid/100474 https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ https://sourceforge.net/p/graphicsmagick/bugs/436 https://usn.ubuntu.com/4222-1 https://www.de • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.8EPSS: 29%CPEs: 3EXPL: 0

CVE-2017-12936

https://notcve.org/view.php?id=CVE-2017-12936

The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting. La función ReadWMFImage en coders/wmf.c de GraphicsMagick 1.3.26 tiene un problema de uso de memoria previamente liberada para los datos asociados con el informe de excepciones. • http://hg.code.sf.net/p/graphicsmagick/code/rev/be898b7c97bd https://blogs.gentoo.org/ago/2017/08/05/graphicsmagick-use-after-free-in-readwmfimage-wmf-c https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ https://usn.ubuntu.com/4222-1 https://www. • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2017-12937

https://notcve.org/view.php?id=CVE-2017-12937

The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read. La función ReadSUNImage en coders/sun.c de GraphicsMagick 1.3.26 tiene una vulnerabilidad de desbordamiento de búfer basado en montículos en la matriz de colores. • http://hg.code.sf.net/p/graphicsmagick/code/rev/95d00d55e978 http://www.securityfocus.com/bid/100442 https://blogs.gentoo.org/ago/2017/08/05/graphicsmagick-heap-based-buffer-overflow-in-readsunimage-sun-c https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ ht • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2017-12935

https://notcve.org/view.php?id=CVE-2017-12935

The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c. La función ReadMNGImage en coders/png.c de GraphicsMagick 1.3.26 maneja incorrectamente imágenes MNG de gran tamaño, provocando que haya lecturas de memoria no válidas en la función SetImageColorCallBack en magick/image.c. • http://hg.code.sf.net/p/graphicsmagick/code/rev/cd699a44f188 https://blogs.gentoo.org/ago/2017/08/05/graphicsmagick-invalid-memory-read-in-setimagecolorcallback-image-c https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ https://usn.ubuntu.com/4222-1 https:&#x • CWE-125: Out-of-bounds Read •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-11722

https://notcve.org/view.php?id=CVE-2017-11722

The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This resulted in a logging statement executing outside of a loop, and consequently using an invalid array index corresponding to the loop's exit condition. La función WriteOnePNGImage en el archivo coders/png.c en GraphicsMagick versión 1.3.26 permite a los atacantes remotos causar una denegación de servicio (lectura fuera de límites y bloqueo de aplicación) por medio de un archivo creado, debido a que el flujo de control actual del programa era inconsistente con su sangría. Esto resultó en que una instrucción de registro se ejecutara fuera de un bucle y, en consecuencia, utilizara un índice de matriz no válido correspondiente a la condición de salida del bucle. • http://hg.code.sf.net/p/graphicsmagick/code/rev/f423ba88ca4e https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ https://www.debian.org/security/2018/dsa-4321 • CWE-125: Out-of-bounds Read •