CVSS: 9.8EPSS: 2%CPEs: 9EXPL: 1CVE-2016-5690 – Debian Security Advisory 3652-1
https://notcve.org/view.php?id=CVE-2016-5690
26 Aug 2016 — The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table. La función ReadDCMImage en DCM reader en ImageMagick en versiones anteriores a 6.9.4-5 y 7.x en versiones anteriores a 7.0.1-7 permite a atacantes remotos tener un impacto no especificado a través de vectores que implican la instrucción por computación de la tabla de escalado de píxeles. h... • http://www.openwall.com/lists/oss-security/2016/06/14/5 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 1%CPEs: 9EXPL: 1CVE-2016-5689 – Debian Security Advisory 3652-1
https://notcve.org/view.php?id=CVE-2016-5689
26 Aug 2016 — The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks. El DCM reader en ImageMagick en versiones anteriores a 6.9.4-5 y 7.x en versiones anteriores a 7.0.1-7 permite a atacantes remotos tener un impacto no especificado aprovechando la falta de validación de punteros NULL. handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary ... • http://www.openwall.com/lists/oss-security/2016/06/14/5 • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 1%CPEs: 20EXPL: 2CVE-2016-6491 – Gentoo Linux Security Advisory 201611-21
https://notcve.org/view.php?id=CVE-2016-6491
26 Aug 2016 — Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image. Desbordamiento de búfer en la función Get8BIMProperty en MagickCore/property.c en ImageMagick en versiones anteriores a 6.9.5-4 y 7.x en versiones anteriores a 7.0.2-6 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites, fuga de ... • http://www.openwall.com/lists/oss-security/2016/07/28/13 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 25EXPL: 0CVE-2015-8896 – ImageMagick: Integer truncation vulnerability in coders/pict.c
https://notcve.org/view.php?id=CVE-2015-8896
17 Jun 2016 — Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file. Problema de truncamiento de entero en coders/pict.c en ImageMagick en versiones anteriores a 7.0.5-0 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un archivo .pict manipulado. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple... • http://www.openwall.com/lists/oss-security/2015/10/07/2 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5239 – ImageMagick,GraphicsMagick: Gnuplot delegate vulnerability allowing command injection
https://notcve.org/view.php?id=CVE-2016-5239
17 Jun 2016 — The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors. La funcionalidad de delegación gnuplot en ImageMagick en versiones anteriores a 6.9.4-0 y GraphicsMagick permite a atacantes remotos ejecutar comandos arbitrarios a través de vectores no especificados. It was discovered that ImageMagick did not properly sanitize certain input before passing it to the gnuplot delegate functionality. A remote attack... • http://git.imagemagick.org/repos/ImageMagick/commit/70a2cf326ed32bedee144b961005c63846541a16 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 1%CPEs: 74EXPL: 0CVE-2015-8895 – ImageMagick: Integer and buffer overflow in coders/icon.c
https://notcve.org/view.php?id=CVE-2015-8895
17 Jun 2016 — Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow. Desbordamiento de entero en coders/icon.c en ImageMagick 6.9.1-3 y versiones posteriores permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un valor de longitud manipulado, lo que desencadena un desbordamiento de búfer. ImageMagick is an image display and mani... • http://www.openwall.com/lists/oss-security/2016/06/02/13 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8897 – ImageMagick: Crash due to out of bounds error in SpliceImage
https://notcve.org/view.php?id=CVE-2015-8897
17 Jun 2016 — The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (application crash) via a crafted png file. La función SpliceImage en MagickCore/transform.c en ImageMagick en versiones anteriores a 6.9.2-4 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un archivo png manipulado. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple ... • http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=28466 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8898 – ImageMagick: Prevent NULL pointer access in magick/constitute.c
https://notcve.org/view.php?id=CVE-2015-8898
17 Jun 2016 — The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file. La función WriteImages en magick/constitu.c en ImageMagick en versiones anteriores a 6.9.2-4 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL) a través de un archivo de imagen manipulado. ImageMagick is an image display and manipulation tool for the X Window System that can read and wr... • http://www.openwall.com/lists/oss-security/2016/06/02/13 • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4562 – Debian Security Advisory 3652-1
https://notcve.org/view.php?id=CVE-2016-4562
04 Jun 2016 — The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. La función DrawDashPolygon en MagickCore/draw.c en ImageMagick en versiones anteriores a 6.9.4-0 y 7.x en versiones anteriores a 7.0.1-2 no maneja correctamente los cálculos de ciertos vérti... • http://www.imagemagick.org/script/changelog.php • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2016-4564 – Debian Security Advisory 3652-1
https://notcve.org/view.php?id=CVE-2016-4564
04 Jun 2016 — The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. La función DrawImage en MagickCore/draw.c en ImageMagick en versiones anteriores a 6.9.4-0 y 7.x en versiones anteriores a 7.0.1-2 hace una llamada a una función incorrecta intentan... • http://www.imagemagick.org/script/changelog.php • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •