CVSS: 8.1EPSS: 1%CPEs: 7EXPL: 0CVE-2017-14607 – Debian Security Advisory 4032-1
https://notcve.org/view.php?id=CVE-2017-14607
20 Sep 2017 — In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash. En ImageMagick 7.0.7-4 Q16 se ha detectado un error de lectura fuera de límites relacionado con la función ReadTIFFImage en coders/tiff.c. Un atacante podría explotar esta vulnerabilidad para divulgar memoria sensible o provocar el cierre inesperado de la aplicación. It was disc... • http://www.securityfocus.com/bid/100944 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2017-14531 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-14531
18 Sep 2017 — ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c. ImageMagick 7.0.7-0 tiene una vulnerabilidad de agotamiento de memoria en ReadSUNImage en coders/sun.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. • http://www.securityfocus.com/bid/100888 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.8EPSS: 1%CPEs: 5EXPL: 0CVE-2017-14532 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-14532
18 Sep 2017 — ImageMagick 7.0.7-0 has a NULL Pointer Dereference in TIFFIgnoreTags in coders/tiff.c. ImageMagick 7.0.7-0 tiene una vulnerabilidad de desreferencia de puntero NULL en TIFFIgnoreTags en coders/tiff.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invokin... • http://www.securityfocus.com/bid/100883 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14505 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-14505
17 Sep 2017 — DrawGetStrokeDashArray in wand/drawing-wand.c in ImageMagick 7.0.7-1 mishandles certain NULL arrays, which allows attackers to perform Denial of Service (NULL pointer dereference and application crash in AcquireQuantumMemory within MagickCore/memory.c) by providing a crafted Image File as input. DrawGetStrokeDashArray en wand/drawing-wand.c en ImageMagick 7.0.7-1 no gestiona correctamente algunos arrays NULL, lo que permite a atacantes provocar denegaciones de servicio (desreferencia de puntero NULL y cierr... • http://www.securityfocus.com/bid/100882 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-14400 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-14400
12 Sep 2017 — In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause a denial of service (NULL pointer dereference in the function GetVirtualPixels in MagickCore/cache.c) via a crafted file. En ImageMagick 7.0.7-1 Q16, la función PersistPixelCache en magick/cache.c no gestiona correctamente el nexo de caché de píxeles, lo que permite que atacantes remotos provoquen una denegación de servicio (desreferencia de puntero NULL en la... • http://www.securityfocus.com/bid/100865 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-14324
https://notcve.org/view.php?id=CVE-2017-14324
12 Sep 2017 — In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service via a crafted file. Se ha encontrado una vulnerabilidad de fuga de memoria en ImageMagick 7.0.7-1 Q16 en la función ReadMPCImage en coders/mpc.c. Esta vulnerabilidad permite que los atacantes provoquen una denegación de servicio mediante un archivo manipulado. • http://www.securityfocus.com/bid/100863 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 1CVE-2017-14325 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-14325
12 Sep 2017 — In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file. Se ha encontrado una vulnerabilidad de fuga de memoria en ImageMagick 7.0.7-1 Q16 en la función PersistPixelCache en magick/cache.c. Esta vulnerabilidad permite que los atacantes provoquen una denegación de servicio (consumo de memoria en ReadMPCImage en coders/mpc.c)... • http://www.securityfocus.com/bid/100874 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2017-14326 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-14326
12 Sep 2017 — In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file. Se ha encontrado una vulnerabilidad de fuga de memoria en ImageMagick 7.0.7-1 Q16 en la función ReadMATImage en coders/mat.c. Esta vulnerabilidad permite que los atacantes provoquen una denegación de servicio mediante un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. I... • https://github.com/ImageMagick/ImageMagick/issues/740 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 1CVE-2017-14172 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-14172
07 Sep 2017 — In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop. En coders/ps.c en ImageMagick 7.0.7-0 Q16, una denegación de servicio en ReadPSImage() por una falta de chequeos EOF (End of File) pod... • https://github.com/ImageMagick/ImageMagick/commit/bdbbb13f1fe9b7e2465502c500561720f7456aac • CWE-834: Excessive Iteration •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 1CVE-2017-14174 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-14174
07 Sep 2017 — In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop. En coders/psd.c en ImageMagick 7.0.7-0 Q16, una denegación de servicio en ReadPSDLayersInternal() por una falta de chequeos... • https://github.com/ImageMagick/ImageMagick/commit/04a567494786d5bb50894fc8bb8fea0cf496bea8 • CWE-834: Excessive Iteration •