CVE-2017-17913
https://notcve.org/view.php?id=CVE-2017-17913
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type. En GraphicsMagick 1.4 snapshot-20171217 Q8, existe una sobrelectura de búfer basada en pila en WriteWEBPImage en coders/webp.c. Esto está relacionado con una incompatibilidad con las versiones 0.5.0 y posteriores de libwebp, que emplean un tipo de estructura diferente. • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/6dda3c33f35f https://sourceforge.net/p/graphicsmagick/bugs/536 https://usn.ubuntu.com/4266-1 https://www.debian.org/security/2018/dsa-4321 • CWE-125: Out-of-bounds Read •
CVE-2017-17915
https://notcve.org/view.php?id=CVE-2017-17915
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached. En GraphicsMagick 1.4 snapshot-20171217 Q8, existe una sobrelectura de búfer basada en memoria dinámica (heap) en ReadMNGImage en coders/png.c. Esto está relacionado con el acceso a un byte antes de probar si se ha alcanzado un límite. • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/1721f1b7e67a https://lists.debian.org/debian-lts-announce/2018/01/msg00005.html https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html https://sourceforge.net/p/graphicsmagick/bugs/535 https://usn.ubuntu.com/4266-1 https://www.debian.org/security/2018/dsa-4321 • CWE-125: Out-of-bounds Read •
CVE-2017-17912
https://notcve.org/view.php?id=CVE-2017-17912
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region. En GraphicsMagick 1.4 snapshot-20171217 Q8, existe una sobrelectura de búfer basada en memoria dinámica (heap) en ReadNewsProfile en coders/tiff.c, donde LocaleNCompare lee datos de la memoria dinámica más allá de la región asignada. • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/0d871e813a4f https://lists.debian.org/debian-lts-announce/2018/01/msg00005.html https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html https://sourceforge.net/p/graphicsmagick/bugs/533 https://usn.ubuntu.com/4266-1 https://www.debian.org/security/2018/dsa-4321 • CWE-125: Out-of-bounds Read •