CVE-2019-12977
https://notcve.org/view.php?id=CVE-2019-12977
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c. ImageMagick versión 7.0.8-34 tiene una vulnerabilidad de "use of uninitialized value" en la función WriteJP2Image en coders/jp2.c. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html http://www.securityfocus.com/bid/108913 https://github.com/ImageMagick/ImageMagick/issues/1518 https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 • CWE-665: Improper Initialization •
CVE-2019-12976 – imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c
https://notcve.org/view.php?id=CVE-2019-12976
ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c. ImageMagick versión 7.0.8-34 tiene una pérdida de memoria en la función ReadPCLImage en coders/pcl.c. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the ReadPCLImage() function. Applications compiled against ImageMagick libraries that accept untrustworthy images may be exploited to use all available memory and make them crash. An attacker could abuse this flaw by providing a specially crafted image and cause a Denial of Service by using all available memory. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html http://www.securityfocus.com/bid/108913 https://github.com/ImageMagick/ImageMagick/issues/1520 https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 https://access.redhat.com/security/cve/CVE-2019-12976 https://bugzilla.redhat.com/show_bug.cgi?id=1732284 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2019-12975 – imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c
https://notcve.org/view.php?id=CVE-2019-12975
ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c. ImageMagick versión 7.0.8-34 tiene una vulnerabilidad de pérdida de memoria en la función WriteDPXImage en coders/dpx.c. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the WriteDPXImage() function. Applications compiled against ImageMagick libraries that accept untrustworthy images may be exploited to use all available memory and make them crash. An attacker could abuse this flaw by providing a specially crafted image and cause a Denial of Service by using all available memory. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html http://www.securityfocus.com/bid/108913 https://github.com/ImageMagick/ImageMagick/issues/1517 https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 https://access.redhat.com/security/cve/CVE-2019-12975 https://bugzilla.redhat.com/show_bug.cgi?id=1732282 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2019-12974 – imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service
https://notcve.org/view.php?id=CVE-2019-12974
A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image. Una desreferencia de puntero NULL en la función ReadPANGOImage en coders/pango.c y la función ReadVIDImage en coders/vid.c en ImageMagick versión 7.0.8-34 permite a los atacantes remotos provocar una denegación de servicio a través de una imagen diseñada. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html http://www.securityfocus.com/bid/108913 https://github.com/ImageMagick/ImageMagick/issues/1515 https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html https://usn.ubuntu.com/4192-1 https://www.debian.org/security/2020/dsa-4712 https://access.redhat.com/security/cve/CVE-2019-12974 https://bugzilla.redhat.com/show_bug.cgi?id= • CWE-476: NULL Pointer Dereference •
CVE-2017-12805 – ImageMagick: memory exhaustion in function ReadTIFFImage causing denial of service
https://notcve.org/view.php?id=CVE-2017-12805
In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service. En ImageMagick versión 7.0.6-6, se encontró una vulnerabilidad de agotamiento de la memoria en la función ReadTIFFImage, que permite a los atacantes generar una Denegación de Servicio (DoS). • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html https://github.com/ImageMagick/ImageMagick/issues/664 https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ https://usn.ubuntu.com/4034-1 https://access.redhat.com/security/cve/CVE-2017 • CWE-400: Uncontrolled Resource Consumption •