CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 1CVE-2017-18273 – ImageMagick: infinite loop ReadTXTImage in function in coders/txt.c
https://notcve.org/view.php?id=CVE-2017-18273
18 May 2018 — In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call. Se ha encontrado una vulnerabilidad de bucle infinito en ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22 en la función ReadTXTImage en coders/txt.c. Esta vulnerabilidad permite que los atacantes provoquen una denegación de servicio (agotam... • https://github.com/ImageMagick/ImageMagick/issues/910 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2017-18271 – ImageMagick: infinite loop in ReadMIFFImage function in coders/miff.c
https://notcve.org/view.php?id=CVE-2017-18271
18 May 2018 — In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file. Se ha encontrado una vulnerabilidad de bucle infinito en ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22 en la función ReadMIFFImage en coders/miff.c. Esta vulnerabilidad permite que los atacantes provoquen una denegación de servicio (agotamiento de CPU) mediante un archivo de ima... • https://github.com/ImageMagick/ImageMagick/issues/911 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-10804 – ImageMagick: Memory leak in WriteTIFFImage
https://notcve.org/view.php?id=CVE-2018-10804
08 May 2018 — ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c. ImageMagick 7.0.7-28 tiene una vulnerabilidad de fuga de memoria en WriteTIFFImage en coders/tiff.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the progra... • https://github.com/ImageMagick/ImageMagick/issues/1053 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-10805 – ImageMagick: Memory leak in ReadYCBCRImage
https://notcve.org/view.php?id=CVE-2018-10805
08 May 2018 — ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c. ImageMagick 7.0.7-28 tiene una vulnerabilidad de fuga de memoria en ReadYCBCRImage en coders/ycbcr.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the prog... • https://github.com/ImageMagick/ImageMagick/issues/1054 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-10177 – ImageMagick: Infinite loop in coders/png.c:ReadOneMNGImage() allows attackers to cause a denial of service via crafted MNG file
https://notcve.org/view.php?id=CVE-2018-10177
16 Apr 2018 — In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file. En ImageMagick 7.0.7-28, hay un bucle infinito en la función ReadOneMNGImage del archivo coders/png.c. Los atacantes remotos podrían aprovechar esta vulnerabilidad para provocar una denegación de servicio (DoS) mediante un archivo mng manipulado. An infinite loop has been found in the way ImageMagi... • https://github.com/ImageMagick/ImageMagick/issues/1095 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-9135
https://notcve.org/view.php?id=CVE-2018-9135
30 Mar 2018 — In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c. En ImageMagick 7.0.7-24 Q16, existe una sobrelectura de búfer basada en memoria dinámica (heap) en IsWEBPImageLossless en coders/webp.c. • https://github.com/ImageMagick/ImageMagick/issues/1009 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-9133 – ImageMagick: excessive iteration in the DecodeLabImage and EncodeLabImage functions in coders/tiff.c
https://notcve.org/view.php?id=CVE-2018-9133
30 Mar 2018 — ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions (coders/tiff.c), which results in a hang (tens of minutes) with a tiny PoC file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tiff file. ImageMagick 7.0.7-26 Q16 tiene una iteración excesiva en las funciones DecodeLabImage y EncodeLabImage (coders/tiff.c), lo que resulta en un bloqueo de varios minutos con un archivo PoC pequeño. Los atacantes remotos podrían a... • https://github.com/ImageMagick/ImageMagick/issues/1072 • CWE-834: Excessive Iteration CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18253
https://notcve.org/view.php?id=CVE-2017-18253
27 Mar 2018 — An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LoadOpenCLDevices in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file. Se ha descubierto un problema en la versión 7.0.7 de ImageMagick. Se ha encontrado una vulnerabilidad de desreferencia de puntero NULL en la función LogOpenCLBuildFailure en MagickCore/opencl.c que permite a los atacantes provocar una denegación de servicio (DoS) mediante un archivo m... • https://github.com/ImageMagick/ImageMagick/issues/794 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18250
https://notcve.org/view.php?id=CVE-2017-18250
27 Mar 2018 — An issue was discovered in ImageMagick 7.0.7. A NULL pointer dereference vulnerability was found in the function LogOpenCLBuildFailure in MagickCore/opencl.c, which allows attackers to cause a denial of service via a crafted file. Se ha descubierto un problema en la versión 7.0.7 de ImageMagick. Se ha encontrado una vulnerabilidad de desreferencia de puntero NULL en la función LogOpenCLBuildFailure en MagickCore/opencl.c, lo que permite a los atacantes provocar una denegación de servicio (DoS) mediante un a... • https://github.com/ImageMagick/ImageMagick/issues/793 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2017-18254 – ImageMagick: memory leak in WriteGIFImage function in coders/gif.c
https://notcve.org/view.php?id=CVE-2017-18254
27 Mar 2018 — An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file. Se ha descubierto un problema en la versión 7.0.7 de ImageMagick. Se ha encontrado una vulnerabilidad de filtrado de memoria en la función WriteGIFImage en coders/gif.c que permite a atacantes remotos provocar una denegación de servicio (DoS) mediante un archivo manipulado. A memory leak vulnerability ... • https://github.com/ImageMagick/ImageMagick/issues/808 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •