CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-9142 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-9142
22 May 2017 — In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c. En la versión 7.0.5-7 Q16 de ImageMagick, un archivo manipulado podría provocar un fallo de aserción en la función WriteBlob en MagickCore/blob.c debido a la falta de comprobaciones en la función ReadOneJNGImage en coders/png.c. It was discovered that ImageMagick incorrectly handled certain malformed image file... • http://www.debian.org/security/2017/dsa-3863 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-9141 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-9141
22 May 2017 — In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c. En ImageMagick versión 7.0.5-7 Q16, un archivo diseñado podría activar un fallo de aserción en la función ResetImageProfileIterator en el archivo MagickCore/profile.c debido a la falta de comprobaciones en la función ReadDDSImage en el archivo coders/dds.c. It was discovered that ImageMagick inc... • http://www.debian.org/security/2017/dsa-3863 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2017-9098 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-9098
19 May 2017 — ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c. ImageMagick anterior a versión 7.0.5-2 y GraphicsMagick anterior a versión 1.3.24 usan me... • http://hg.code.sf.net/p/graphicsmagick/code/diff/0a5b75e019b6/coders/rle.c • CWE-908: Use of Uninitialized Resource •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8830 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-8830
08 May 2017 — In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file. En ImageMagick 7.0.5-6, la función ReadBMPImage en bmp.c:1379 permite a los atacantes causar una denegación de servicio (pérdida de memoria) a través de un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an at... • http://www.debian.org/security/2017/dsa-3863 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8765 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-8765
04 May 2017 — The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file. La función ReadICONImage en coders\icon.c en ImageMagick versión 7.0.5-5, presenta una vulnerabilidad de fuga de memoria que puede ocasionar un agotamiento de memoria a través de un fichero ICON. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into ... • http://www.debian.org/security/2017/dsa-3863 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-8346 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-8346
30 Apr 2017 — In ImageMagick 7.0.5-5, the ReadDCMImage function in dcm.c allows attackers to cause a denial of service (memory leak) via a crafted file. En ImageMagick 7.0.5-5, la función ReadDCMImage en dcm.c permite a atacantes provocar una denegación de servicio (pérdida de memoria) a través de un archivo diseñado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could e... • http://www.debian.org/security/2017/dsa-3863 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-8353 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-8353
30 Apr 2017 — In ImageMagick 7.0.5-5, the ReadPICTImage function in pict.c allows attackers to cause a denial of service (memory leak) via a crafted file. En ImageMagick 7.0.5-5, la función ReadPICTImage en pict.c permite a atacantes provocar una denegación de servicio (pérdida de memoria) a través de un archivo diseñado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker cou... • http://www.debian.org/security/2017/dsa-3863 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-8343 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-8343
30 Apr 2017 — In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows attackers to cause a denial of service (memory leak) via a crafted file. En ImageMagick 7.0.5-5, la función ReadAAIImage en aai.c permite a los atacantes causar una denegación de servicio (pérdida de memoria) a través de un archivo diseñado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could... • http://www.debian.org/security/2017/dsa-3863 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-8354 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-8354
30 Apr 2017 — In ImageMagick 7.0.5-5, the ReadBMPImage function in bmp.c allows attackers to cause a denial of service (memory leak) via a crafted file. En ImageMagick 7.0.5-5, la función ReadBMPImage en bmp.c permite a atacantes provocar una denegación de servicio (pérdida de memoria) a través de un archivo diseñado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could e... • http://www.debian.org/security/2017/dsa-3863 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-8350 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-8350
30 Apr 2017 — In ImageMagick 7.0.5-5, the ReadJNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file. En ImageMagick 7.0.5-5, la función ReadJNGImage en png.c permite a atacantes provocar una denegación de servicio (pérdida de memoria) a través de un archivo diseñado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could e... • http://www.debian.org/security/2017/dsa-3863 • CWE-772: Missing Release of Resource after Effective Lifetime •