Page 13 of 132 results (0.003 seconds)

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0

06 Sep 2018 — There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image file. Hay un problema de asignación de memoria excesiva en las funciones ReadBMPImage en coders/bmp.c y ReadDIBImage en coders/dib.c en ImageMagick 7.0.8-11, que permite que los atacantes remotos provoquen una denegación de servicio (DoS) mediante una imagen manipulada. It was disco... • https://github.com/ImageMagick/ImageMagick/commit/ecb31dbad39ccdc65868d5d2a37f0f0521250832 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1

03 Sep 2018 — ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function. ImageMagick 7.0.8-11 Q16 tiene una sobrelectura de búfer basada en memoria dinámica (heap) en la función ParseImageResourceBlocks en coders/psd.c. This update fixes several vulnerabilities in Imagemagick, a graphical software suite. Various memory handling problems or incomplete input sanitizing have been found in the coders for BMP, DIB, PICT, DCM, CUT and PSD. For the stable distribution (stre... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2

03 Sep 2018 — ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function. ImageMagick 7.0.8-11 Q16 tiene una sobrelectura de búfer basada en memoria dinámica (heap) en la función PushShortPixel en MagickCore/quantum-private.h cuando se llama desde la función ParseImageResourceBlocks en coders/psd.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user o... • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html • CWE-125: Out-of-bounds Read •

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1

21 Aug 2018 — In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. En ImageMagick 7.0.8-11 Q16, un archivo de entrada pequeño 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36... • http://www.securityfocus.com/bid/105137 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

23 Jul 2018 — The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption. La función ReadMATImageV4 en coders/mat.c en ImageMagick 7.0.8-7 emplea una variable no inicializada, lo que conduce a una corrupción de memoria. Due to a large number of issues discovered in GhostScript that prevent it from being used by ImageMagick safely, this update includes a default policy change that disables support for the Postscript and PDF formats in ImageMagick. This p... • https://github.com/ImageMagick/ImageMagick/issues/1221 • CWE-787: Out-of-bounds Write CWE-908: Use of Uninitialized Resource •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1

20 Jul 2018 — ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c. ImageMagick 7.0.8-4 tiene una fuga de memoria en un mapa de color en WriteMPCImage en coders/mpc.c. Due to a large number of issues discovered in GhostScript that prevent it from being used by ImageMagick safely, this update includes a default policy change that disables support for the Postscript and PDF formats in ImageMagick. This policy can be overridden if necessary by using an alternate ImageMagick policy configurat... • https://github.com/ImageMagick/ImageMagick/issues/1192 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1

20 Jul 2018 — ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c. ImageMagick 7.0.8-4 tiene una fuga de memoria en DecodeImage en coders/pcd.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://github.com/ImageMagick/ImageMagick/issues/1193 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1

20 Jul 2018 — ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c. ImageMagick 7.0.8-4 tiene una fuga de memoria en ReadMIFFImage en coders/miff.c. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include buffer overflow, denial of service, double free, information leakage, null pointer, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://github.com/ImageMagick/ImageMagick/issues/1191 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1

20 Jul 2018 — ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c. ImageMagick 7.0.8-4 tiene una fuga de memoria en parse8BIM en coders/meta.c. Due to a large number of issues discovered in GhostScript that prevent it from being used by ImageMagick safely, this update includes a default policy change that disables support for the Postscript and PDF formats in ImageMagick. This policy can be overridden if necessary by using an alternate ImageMagick policy configuration. It was discovered that several memor... • https://github.com/ImageMagick/ImageMagick/issues/1190 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1

05 Jul 2018 — In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c. En ImageMagick 7.0.8-4 hay una fuga de memoria en la función XMagickCommand en MagickCore/animate.c. A memory leak was discovered in ImageMagick in the XMagickCommand function in animate.c file. An array of strings, named filelist, is allocated on the heap but not released in case the function ExpandFilenames returns an error code. ImageMagick is an image display and manipulation tool for the X Window Syst... • http://www.securityfocus.com/bid/104687 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •