CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-5509 – Gentoo Linux Security Advisory 201702-09
https://notcve.org/view.php?id=CVE-2017-5509
17 Feb 2017 — coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. Coders/psd.c en ImageMagick permite a los atacantes remotos tener un impacto no especificado a través de un archivo PSD manipulado, lo que desencadena una escritura fuera de los límites. Multiple vulnerabilities have been found in ImageMagick, the worst of which allows remote attackers to execute arbitrary code. Versions less than 6.9.7.4 are affected. • http://www.openwall.com/lists/oss-security/2017/01/16/6 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-5510 – Ubuntu Security Notice USN-3222-1
https://notcve.org/view.php?id=CVE-2017-5510
17 Feb 2017 — coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. Coders/psd.c en ImageMagick permite a los atacantes remotos tener un impacto no especificado a través de un archivo PSD manipulado, lo que desencadena una escritura fuera de los límites. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted ima... • http://www.debian.org/security/2017/dsa-3799 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2017-5511 – Ubuntu Security Notice USN-3222-1
https://notcve.org/view.php?id=CVE-2017-5511
17 Feb 2017 — coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow. Coders/psd.c en ImageMagick permite a los atacantes remotos tener un impacto no especificado al aprovechar un cast impropio, lo que desencadena un desbordamiento de búfer basado en memoria dinámica. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into openi... • http://www.debian.org/security/2017/dsa-3799 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 2CVE-2016-8866
https://notcve.org/view.php?id=CVE-2016-8866
15 Feb 2017 — The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862. La función AcquireMagickMemory en MagickCore/memory.c en ImageMagick 7.0.3.3 en versiones anteriores a 7.0.3.8 permite a atacantes remotos tener un impacto no especificado a través de una imagen manipulada, lo que desencad... • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00085.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 29EXPL: 0CVE-2016-9298 – Gentoo Linux Security Advisory 201702-09
https://notcve.org/view.php?id=CVE-2016-9298
27 Jan 2017 — Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted image. Desbordamiento de búfer basado en memoria dinámica en la función WaveletDenoiseImage en MagickCore/fx.c en ImageMagick en versiones anteriores a 6.9.6-4 y 7.x en versiones anteriores a 7.0.3-6 permite a atacantes remotos provocar una denegación de servicio (caída) a través de una imagen manipulada. Multiple... • http://www.openwall.com/lists/oss-security/2016/11/13/1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-8677 – Ubuntu Security Notice USN-3142-1
https://notcve.org/view.php?id=CVE-2016-8677
30 Nov 2016 — The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure. La función AcquireQuantumPixels en MagickCore/quantum.c en ImageMagick en versiones anteriores a 7.0.3-1 permite a atacantes remotos tener un impacto no especificado a través de un archivo de imagen manipulado, lo que desencadena un fallo en la asignación de memoria. It was discovered that ImageMagick ... • http://lists.opensuse.org/opensuse-updates/2016-10/msg00107.html •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7799 – Ubuntu Security Notice USN-3142-1
https://notcve.org/view.php?id=CVE-2016-7799
30 Nov 2016 — MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. MagickCore/profile.c en ImageMagick en versiones anteriores a 7.0.3-2 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially... • http://www.debian.org/security/2016/dsa-3726 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-8862 – Ubuntu Security Notice USN-3142-1
https://notcve.org/view.php?id=CVE-2016-8862
30 Nov 2016 — The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. La función AcquireMagickMemory en MagickCore/memory.c en ImageMagick en versiones anteriores a 7.0.3.3 permite a atacantes remotos tener un impacto no especificado a través de una imagen manipulada, lo que desencadena un fallo de asignación de memoria. It was discovered that ImageMagick incorrectly handled ce... • http://www.debian.org/security/2016/dsa-3726 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 20EXPL: 2CVE-2016-6491 – Gentoo Linux Security Advisory 201611-21
https://notcve.org/view.php?id=CVE-2016-6491
26 Aug 2016 — Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image. Desbordamiento de búfer en la función Get8BIMProperty en MagickCore/property.c en ImageMagick en versiones anteriores a 6.9.5-4 y 7.x en versiones anteriores a 7.0.2-6 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites, fuga de ... • http://www.openwall.com/lists/oss-security/2016/07/28/13 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 22%CPEs: 3EXPL: 1CVE-2016-5841 – Debian Security Advisory 3652-1
https://notcve.org/view.php?id=CVE-2016-5841
26 Aug 2016 — Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable. Desbordamiento de entero en MagickCore/profile.c en ImageMagick en versiones anteriores a 7.0.2-1 permite a atacantes remotos provocar una denegación de servicio (fallo de segmentación) o posiblemente ejecutar código arbitrario a través de vectores que implican a la variable offset. handl... • http://www.openwall.com/lists/oss-security/2016/06/23/1 • CWE-190: Integer Overflow or Wraparound •