CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 1CVE-2017-14341 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-14341
12 Sep 2017 — ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file. ImageMagick 7.0.6-6 cuenta con una gran vulnerabilidad de bucle en ReadWPGImage en coders/wpg.c, provocando el agotamiento de la CPU mediante un archivo de imagen wpg manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attack... • https://github.com/ImageMagick/ImageMagick/commit/7d63315a64267c565d1f34b9cb523a14616fed24 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2017-14342 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-14342
12 Sep 2017 — ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file. ImageMagick 7.0.6-6 cuenta con una vulnerabilidad de agotamiento de memoria en ReadWPGImage en coders/wpg.c mediante un archivo de imagen wpg manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of... • https://github.com/ImageMagick/ImageMagick/issues/650 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2017-14343 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-14343
12 Sep 2017 — ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file. ImageMagick 7.0.6-6 cuenta con una vulnerabilidad de fuga de memoria en ReadXCFImage en coders/xcf.c mediante un archivo de imagen xcf manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or p... • https://github.com/ImageMagick/ImageMagick/issues/649 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-14324
https://notcve.org/view.php?id=CVE-2017-14324
12 Sep 2017 — In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service via a crafted file. Se ha encontrado una vulnerabilidad de fuga de memoria en ImageMagick 7.0.7-1 Q16 en la función ReadMPCImage en coders/mpc.c. Esta vulnerabilidad permite que los atacantes provoquen una denegación de servicio mediante un archivo manipulado. • http://www.securityfocus.com/bid/100863 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 1CVE-2017-14325 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-14325
12 Sep 2017 — In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file. Se ha encontrado una vulnerabilidad de fuga de memoria en ImageMagick 7.0.7-1 Q16 en la función PersistPixelCache en magick/cache.c. Esta vulnerabilidad permite que los atacantes provoquen una denegación de servicio (consumo de memoria en ReadMPCImage en coders/mpc.c)... • http://www.securityfocus.com/bid/100874 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2017-14326 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-14326
12 Sep 2017 — In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file. Se ha encontrado una vulnerabilidad de fuga de memoria en ImageMagick 7.0.7-1 Q16 en la función ReadMATImage en coders/mat.c. Esta vulnerabilidad permite que los atacantes provoquen una denegación de servicio mediante un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. I... • https://github.com/ImageMagick/ImageMagick/issues/740 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14248
https://notcve.org/view.php?id=CVE-2017-14248
11 Sep 2017 — A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file. Una vulnerabilidad de sobrelectura de búfer basada en memoria dinámica (heap) en SampleImage() en MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 permite que atacantes remotos provoquen una denegación de servicio mediante un archivo manipulado. • https://github.com/ImageMagick/ImageMagick/issues/717 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14249 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-14249
11 Sep 2017 — ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in MagickCore/cache.c, allowing remote attackers to cause a denial of service via a crafted file. ImageMagick 7.0.6-8 Q16 gestiona los chequeos EOF incorrectamente en ReadMPCImage in coders/mpc.c, provocando una división entre cero en GetPixelCacheTileSize in MagickCore/cache.c, permitiendo a los atacantes remotos provocar una denegación de servicio mediante un archivo manipula... • https://github.com/ImageMagick/ImageMagick/issues/708 • CWE-369: Divide By Zero •
CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 0CVE-2017-14224 – Debian Security Advisory 4032-1
https://notcve.org/view.php?id=CVE-2017-14224
09 Sep 2017 — A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service or code execution via a crafted file. Un desbordamiento de búfer basado en montículos en la función WritePCXImage en coders/pcx.c en ImageMagick 7.0.6-8 Q16 permite que atacantes remotos provoquen una denegación de servicio o ejecución de código mediante un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a u... • http://www.securityfocus.com/bid/100702 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 1CVE-2017-14172 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2017-14172
07 Sep 2017 — In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop. En coders/ps.c en ImageMagick 7.0.7-0 Q16, una denegación de servicio en ReadPSImage() por una falta de chequeos EOF (End of File) pod... • https://github.com/ImageMagick/ImageMagick/commit/bdbbb13f1fe9b7e2465502c500561720f7456aac • CWE-834: Excessive Iteration •