Page 27 of 457 results (0.011 seconds)

CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0

09 Sep 2017 — A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service or code execution via a crafted file. Un desbordamiento de búfer basado en montículos en la función WritePCXImage en coders/pcx.c en ImageMagick 7.0.6-8 Q16 permite que atacantes remotos provoquen una denegación de servicio o ejecución de código mediante un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a u... • http://www.securityfocus.com/bid/100702 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 1

07 Sep 2017 — In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop. En coders/ps.c en ImageMagick 7.0.7-0 Q16, una denegación de servicio en ReadPSImage() por una falta de chequeos EOF (End of File) pod... • https://github.com/ImageMagick/ImageMagick/commit/bdbbb13f1fe9b7e2465502c500561720f7456aac • CWE-834: Excessive Iteration •

CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1

07 Sep 2017 — In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a smaller value than expected. As a result, an infinite loop would occur for a crafted TXT file that claims a very large "max_value" value. En la función ReadTXTImage() en coders/txt.c en ImageMagick 7.0.6-10, podría ocurrir un desbordamiento de enteros por la operación de suma "GetQuantumRange(depth)+1" cuando "depth" ... • https://github.com/ImageMagick/ImageMagick/commit/50f54462076648ac2e36c3f58f4dadd4babbf1c9 • CWE-190: Integer Overflow or Wraparound CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 1

07 Sep 2017 — In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop. En coders/psd.c en ImageMagick 7.0.7-0 Q16, una denegación de servicio en ReadPSDLayersInternal() por una falta de chequeos... • https://github.com/ImageMagick/ImageMagick/commit/04a567494786d5bb50894fc8bb8fea0cf496bea8 • CWE-834: Excessive Iteration •

CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 1

07 Sep 2017 — In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop. En coders/xbm.c en ImageMagick 7.0.6-1 Q16, una denegación de servicio en ReadXBMImage() por una falta de chequeos EOF (End o... • https://github.com/ImageMagick/ImageMagick/commit/d9a8234d211da30baf9526fbebe9a8438ea7e11c • CWE-834: Excessive Iteration •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

04 Sep 2017 — ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c. ImageMagick 7.0.6-2 tiene una vulnerabilidad de fuga de memoria en WriteMSLImage en coders/msl.c. • https://github.com/ImageMagick/ImageMagick/issues/578 • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

04 Sep 2017 — ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header. ReadWEBPImage en coders/webp.c en ImageMagick versión 7.0.6-5, presenta un error causado por una asignación de memoria excesiva, ya que depende solo de un campo longitud en una cabecera. • https://github.com/ImageMagick/ImageMagick/issues/641 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

04 Sep 2017 — ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors. ImageMagick 7.0.6-5 tiene una vulnerabilidad de fuga de memoria en ReadWEBPImage in coders/webp.c ya que la memoria no se libera en algunos casos de error, tal y como lo demuestran los errores VP8. • https://github.com/ImageMagick/ImageMagick/issues/639 • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 1

01 Sep 2017 — The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file. La función ReadBMPImage en coders/bmp.c de ImageMagick 7.0.6-6 permite que atacantes remotos provoquen una denegación de servicio (consumo de memoria) mediante un archivo BMP manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a ... • https://github.com/ImageMagick/ImageMagick/issues/652 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 1

01 Sep 2017 — The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file. La función ReadVIFFImage en coders/viff.c de ImageMagick 7.0.6-6 permite que atacantes remotos provoquen una denegación de servicio (consumo de memoria) mediante un archivo VIFF manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into open... • https://github.com/ImageMagick/ImageMagick/issues/653 • CWE-770: Allocation of Resources Without Limits or Throttling •