CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 0CVE-2017-9142 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-9142
22 May 2017 — In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c. En la versión 7.0.5-7 Q16 de ImageMagick, un archivo manipulado podría provocar un fallo de aserción en la función WriteBlob en MagickCore/blob.c debido a la falta de comprobaciones en la función ReadOneJNGImage en coders/png.c. It was discovered that ImageMagick incorrectly handled certain malformed image file... • http://www.debian.org/security/2017/dsa-3863 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-9143 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-9143
22 May 2017 — In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file. En ImageMagick 7.0.5-5, la función ReadMPCImage en coders/art.c permite a los atacantes provocar un ataque de denegación de servicio (filtrado de memoria) mediante un archivo .art manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a special... • http://www.debian.org/security/2017/dsa-3863 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 0CVE-2017-9144 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-9144
22 May 2017 — In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. En ImageMagick 7.0.5-5 una imagen RLE especialmente manipulada puede provocar un cierre inesperado debido a la gestión incorrecta de EQF en coders/rle.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of serv... • http://www.debian.org/security/2017/dsa-3863 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 1CVE-2017-9098 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-9098
19 May 2017 — ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c. ImageMagick anterior a versión 7.0.5-2 y GraphicsMagick anterior a versión 1.3.24 usan me... • http://hg.code.sf.net/p/graphicsmagick/code/diff/0a5b75e019b6/coders/rle.c • CWE-908: Use of Uninitialized Resource •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8830 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-8830
08 May 2017 — In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file. En ImageMagick 7.0.5-6, la función ReadBMPImage en bmp.c:1379 permite a los atacantes causar una denegación de servicio (pérdida de memoria) a través de un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an at... • http://www.debian.org/security/2017/dsa-3863 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8765 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-8765
04 May 2017 — The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file. La función ReadICONImage en coders\icon.c en ImageMagick versión 7.0.5-5, presenta una vulnerabilidad de fuga de memoria que puede ocasionar un agotamiento de memoria a través de un fichero ICON. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into ... • http://www.debian.org/security/2017/dsa-3863 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-8343 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-8343
30 Apr 2017 — In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows attackers to cause a denial of service (memory leak) via a crafted file. En ImageMagick 7.0.5-5, la función ReadAAIImage en aai.c permite a los atacantes causar una denegación de servicio (pérdida de memoria) a través de un archivo diseñado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could... • http://www.debian.org/security/2017/dsa-3863 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-8344 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-8344
30 Apr 2017 — In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows attackers to cause a denial of service (memory leak) via a crafted file. En ImageMagick 7.0.5-5, la función ReadPCXImage en pcx.c permite a atacantes provocar una denegación de servicio (pérdida de memoria) a través de un archivo diseñado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could e... • http://www.debian.org/security/2017/dsa-3863 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-8346 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-8346
30 Apr 2017 — In ImageMagick 7.0.5-5, the ReadDCMImage function in dcm.c allows attackers to cause a denial of service (memory leak) via a crafted file. En ImageMagick 7.0.5-5, la función ReadDCMImage en dcm.c permite a atacantes provocar una denegación de servicio (pérdida de memoria) a través de un archivo diseñado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could e... • http://www.debian.org/security/2017/dsa-3863 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-8347 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-8347
30 Apr 2017 — In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service (memory leak) via a crafted file. En ImageMagick 7.0.5-5, la función ReadEXRImage en exr.c permite a atacantes provocar una denegación de servicio (pérdida de memoria) a través de un archivo diseñado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could e... • http://www.debian.org/security/2017/dsa-3863 • CWE-772: Missing Release of Resource after Effective Lifetime •