Page 30 of 169 results (0.008 seconds)

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file. El codificador SGI en ImageMagick en versiones anteriores a 7.0.2-10 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un valor de fila grande en un archivo sgi. • http://www.openwall.com/lists/oss-security/2016/09/26/8 http://www.securityfocus.com/bid/93181 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836776 https://github.com/ImageMagick/ImageMagick/commit/7afcf9f71043df15508e46f079387bd4689a738d https://github.com/ImageMagick/ImageMagick/commit/8f8959033e4e59418d6506b345829af1f7a71127 • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write. Desbordamiento de entero en el codificador BMP en ImageMagick en versiones anteriores a 7.0.2-10 permite a atacantes remotos provocar una denegación de servicio (caída) a través de valores de longitud y anchura manipulados, lo que desencadena una escritura fuera de límites. • http://www.openwall.com/lists/oss-security/2016/09/26/3 http://www.securityfocus.com/bid/93158 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834504 https://github.com/ImageMagick/ImageMagick/commit/4cc6ec8a4197d4c008577127736bf7985d632323 • CWE-190: Integer Overflow or Wraparound •

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact via vectors related to pixel cache morphology. Desbordamiento de búfer en MagickCore/enhance.c en ImageMagick en versiones anteriores a 7.0.2-7 permite a atacantes remotos tener un impacto no especificado a través de vectores relacionados con morfología de caché de píxeles. • http://www.imagemagick.org/script/changelog.php http://www.openwall.com/lists/oss-security/2016/08/02/10 http://www.openwall.com/lists/oss-security/2016/08/02/6 http://www.securitytracker.com/id/1036502 https://github.com/ImageMagick/ImageMagick/commit/76401e172ea3a55182be2b8e2aca4d07270f6da6 • CWE-125: Out-of-bounds Read •

CVSS: 6.5EPSS: 10%CPEs: 3EXPL: 0

MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. MagickCore/profile.c en ImageMagick en versiones anteriores a 7.0.3-2 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo manipulado. • http://www.debian.org/security/2016/dsa-3726 http://www.openwall.com/lists/oss-security/2016/10/01/4 http://www.openwall.com/lists/oss-security/2016/10/01/6 http://www.securityfocus.com/bid/93264 https://github.com/ImageMagick/ImageMagick/commit/a7bb158b7bedd1449a34432feb3a67c8f1873bfa https://github.com/ImageMagick/ImageMagick/issues/280 https://security.gentoo.org/glsa/201611-21 • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0

The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. La función AcquireMagickMemory en MagickCore/memory.c en ImageMagick en versiones anteriores a 7.0.3.3 permite a atacantes remotos tener un impacto no especificado a través de una imagen manipulada, lo que desencadena un fallo de asignación de memoria. • http://www.debian.org/security/2016/dsa-3726 http://www.openwall.com/lists/oss-security/2016/10/20/2 http://www.openwall.com/lists/oss-security/2016/10/20/3 http://www.securityfocus.com/bid/93794 https://blogs.gentoo.org/ago/2016/10/17/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c https://bugzilla.redhat.com/show_bug.cgi?id=1387135 https://github.com/ImageMagick/ImageMagick/issues/271 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •