Page 147 of 1866 results (0.019 seconds)

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1

ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows. ImageMagick versión 7.0.8-50 Q16 presenta una vulnerabilidad de desbordamiento de búfer basado en memoria dinámica (heap) en MagickCore/statistic.c en EvaluateImages debido a la mala gestión de las filas. A heap-based buffer overflow was discovered in ImageMagick in the way it parses images when using the evaluate-sequence option. Applications compiled against ImageMagick libraries that accept untrustworthy images and use the evaluate-sequence option or function EvaluateImages may be vulnerable to this flaw. An attacker could abuse this flaw by providing a specially crafted image to make the application crash or potentially execute code. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48 https://github.com/ImageMagick/ImageMagick/issues/1615 https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 https://www.debian.org/security/2020/dsa-4715 https://access.redhat.com/security/cve/CVE-2019-13307 https://bugzilla.redhat.com/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 1

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors. ImageMagick versión 7.0.8-50 Q16 tiene un desbordamiento de búfer basado en pila en coders/pnm.c en WritePNMImage debido a los errores de superación de límite (off-by-one). A stack-based buffer overflow was discovered in ImageMagick in the way it writes PNM images due to off-by-one errors. Applications compiled against ImageMagick libraries that accept untrustworthy images or write PNM images may be vulnerable to this flaw. An attacker could abuse this flaw by providing a specially crafted image to make the application crash or potentially execute code. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd https://github.com/ImageMagick/ImageMagick/issues/1612 https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4715 https://access.redhat.com/security/cve/CVE-2019-13306 https:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-193: Off-by-one Error CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error. ImageMagick versión 7.0.8-50 Q16 tiene un desbordamiento de búfer basado en pila en coders/pnm.c en WritePNMImag debido al mal uso de strncpy y un error por un paso. A stack-based buffer overflow was discovered in ImageMagick in the way it writes PNM images due to a misplaced strncpy and off-by-one errors. Applications compiled against ImageMagick libraries that accept untrustworthy images or write PNM images may be vulnerable to this flaw. An attacker could abuse this flaw by providing a specially crafted image to make the application crash or potentially execute code. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888 https://github.com/ImageMagick/ImageMagick/issues/1613 https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 https://www.debian.org/security/2020/dsa-4715 https://access. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-193: Off-by-one Error CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment. ImageMagick versión 7.0.8-50 Q16 tiene un desbordamiento de búfer basado en pila en coders/pnm.c en WritePNMImage debido a una asignación modificada. A stack-based buffer overflow was discovered in ImageMagick in the way it writes PNM images due to a misplaced assignment. Applications compiled against ImageMagick libraries that accept untrustworthy images or write PNM images may be vulnerable to this flaw. An attacker could abuse this flaw by providing a specially crafted image to make the application crash or potentially execute code. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e https://github.com/ImageMagick/ImageMagick/issues/1614 https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241 https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 https://www.debian.org/security/2020/dsa-4715 https://access. • CWE-193: Off-by-one Error CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 2

ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error. ImageMagick versión 7.0.8-50 Q16 tiene fugas de memoria en AcquireMagickMemory debido a un error de AnnotateImage. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025 https://github.com/ImageMagick/ImageMagick/issues/1585 https://github.com/ImageMagick/ImageMagick/issues/1589 https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 https://access.redhat.com/security/cve/CVE-2019-13301 https://bugzilla.redhat.com/show_bug.cgi?id=1730575 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •