CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-6876
https://notcve.org/view.php?id=CVE-2018-6876
09 Feb 2018 — The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image. La clase OLEProperty class en ole/oleprop.cpp en libfpx 1.3.1-10, tal y como se emplea en ImageMagick 7.0.7-22 Q16 y otros productos, permite que atacantes remotos provoquen una denegación de servicio (sublectura de búfer basada en pila) mediante una imagen bmp manipulada. • http://www.securityfocus.com/bid/103035 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2018-6405 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2018-6405
30 Jan 2018 — In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service. En la función ReadDCMImage en coders/dcm.c en ImageMagick, en versiones anteriores a la 7.0.7-23, cada variable redmap, greenmap y bluemap puede ser sobrescrita por un nuevo puntero. El puntero anterior se pierde, lo que conduce a una ... • https://github.com/ImageMagick/ImageMagick/issues/964 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 1CVE-2017-18028 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-18028
12 Jan 2018 — In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file. Se ha encontrado una vulnerabilidad de agotamiento de memoria en ImageMagick 7.0.7-1 Q16 en la función ReadTIFFImage en coders/tiff.c. Esta vulnerabilidad permite que los atacantes remotos provoquen una denegación de servicio mediante un archivo manipulado. It was discovered that ImageMagick incorrectly handled c... • https://github.com/ImageMagick/ImageMagick/issues/736 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2017-18027 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-18027
12 Jan 2018 — In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file. Se ha encontrado una vulnerabilidad de filtrado de memoria en ImageMagick 7.0.7-1 Q16 en la función ReadMATImage en coders/mat.c. Esta vulnerabilidad permite que los atacantes remotos provoquen una denegación de servicio mediante un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malfor... • http://www.securityfocus.com/bid/102527 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2017-18029 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-18029
12 Jan 2018 — In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file. Se ha encontrado una vulnerabilidad de filtrado de memoria en ImageMagick 7.0.6-10 Q16 en la función ReadMATImage en coders/mat.c. Esta vulnerabilidad permite que los atacantes remotos provoquen una denegación de servicio mediante un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malf... • http://www.securityfocus.com/bid/102519 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-5357 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2018-5357
12 Jan 2018 — ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c. ImageMagick 7.0.7-22 Q16 tiene fugas de memoria en la función ReadDCMImage en coders/dcm.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. • http://www.securityfocus.com/bid/102497 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-5358 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2018-5358
12 Jan 2018 — ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c. ImageMagick 7.0.7-22 Q16 tiene fugas de memoria en la función EncodeImageAttributes en coders/json.c, tal y como demuestra la función ReadPSDLayersInternal en coders/psd.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a speciall... • https://github.com/ImageMagick/ImageMagick/issues/939 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-5247 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2018-5247
05 Jan 2018 — In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c. ImageMagick 7.0.7-17 Q16 tiene una fuga de memoria en ReadRLAImage en coders/rla.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. • https://github.com/ImageMagick/ImageMagick/issues/928 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 1CVE-2018-5248 – Debian Security Advisory 4204-1
https://notcve.org/view.php?id=CVE-2018-5248
05 Jan 2018 — In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function. En ImageMagick 7.0.7-17 Q16, hay una sobrelectura de búfer basada en memoria dinámica (heap) en la función ReadSIXELImage en coders/sixel.c, relacionada con la función sixel_decode. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially cr... • http://www.securityfocus.com/bid/102431 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2017-18022 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-18022
05 Jan 2018 — In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c. ImageMagick 7.0.7-12 Q16 tiene una fuga de memoria en MontageImageCommand en MagickWand/montage.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking ... • http://www.securityfocus.com/bid/102437 • CWE-772: Missing Release of Resource after Effective Lifetime •