CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9405 – Ubuntu Security Notice USN-3363-1
https://notcve.org/view.php?id=CVE-2017-9405
02 Jun 2017 — In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file. En ImageMagick 7.0.5-5, la función ReadICONImage en icon.c:452 permite a los atacantes provocar un ataque de denegación de servicio (filtrado de memoria) mediante un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted i... • https://github.com/ImageMagick/ImageMagick/issues/457 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9407 – Ubuntu Security Notice USN-3363-1
https://notcve.org/view.php?id=CVE-2017-9407
02 Jun 2017 — In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file. En ImageMagick 7.0.5-5, la función ReadPALMImage en palm.c permite a los atacantes provocar un ataque de denegación de servicio (filtrado de memoria) mediante un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an... • https://github.com/ImageMagick/ImageMagick/issues/459 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9262 – Ubuntu Security Notice USN-3363-1
https://notcve.org/view.php?id=CVE-2017-9262
29 May 2017 — In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file. En la versión 7.0.5-6 Q16 de ImageMagick, la función ReadJNGImage en coders/png.c permite a los atacantes provocar un ataque de denegación de servicio (filtrado de memoria) mediante un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into openi... • http://www.securityfocus.com/bid/98735 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9261 – Ubuntu Security Notice USN-3363-1
https://notcve.org/view.php?id=CVE-2017-9261
29 May 2017 — In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file. En la versión 7.0.5-6 Q16 de ImageMagick, la función ReadMPGImage en coders/png.c permite a los atacantes provocar un ataque de denegación de servicio (filtrado de memoria) mediante un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into openi... • http://www.securityfocus.com/bid/98730 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-9143 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-9143
22 May 2017 — In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file. En ImageMagick 7.0.5-5, la función ReadMPCImage en coders/art.c permite a los atacantes provocar un ataque de denegación de servicio (filtrado de memoria) mediante un archivo .art manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a special... • http://www.debian.org/security/2017/dsa-3863 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-9144 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-9144
22 May 2017 — In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. En ImageMagick 7.0.5-5 una imagen RLE especialmente manipulada puede provocar un cierre inesperado debido a la gestión incorrecta de EQF en coders/rle.c. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of serv... • http://www.debian.org/security/2017/dsa-3863 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-9142 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-9142
22 May 2017 — In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c. En la versión 7.0.5-7 Q16 de ImageMagick, un archivo manipulado podría provocar un fallo de aserción en la función WriteBlob en MagickCore/blob.c debido a la falta de comprobaciones en la función ReadOneJNGImage en coders/png.c. It was discovered that ImageMagick incorrectly handled certain malformed image file... • http://www.debian.org/security/2017/dsa-3863 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-9141 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-9141
22 May 2017 — In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c. En ImageMagick versión 7.0.5-7 Q16, un archivo diseñado podría activar un fallo de aserción en la función ResetImageProfileIterator en el archivo MagickCore/profile.c debido a la falta de comprobaciones en la función ReadDDSImage en el archivo coders/dds.c. It was discovered that ImageMagick inc... • http://www.debian.org/security/2017/dsa-3863 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2017-9098 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-9098
19 May 2017 — ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c. ImageMagick anterior a versión 7.0.5-2 y GraphicsMagick anterior a versión 1.3.24 usan me... • http://hg.code.sf.net/p/graphicsmagick/code/diff/0a5b75e019b6/coders/rle.c • CWE-908: Use of Uninitialized Resource •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8830 – Ubuntu Security Notice USN-3302-1
https://notcve.org/view.php?id=CVE-2017-8830
08 May 2017 — In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file. En ImageMagick 7.0.5-6, la función ReadBMPImage en bmp.c:1379 permite a los atacantes causar una denegación de servicio (pérdida de memoria) a través de un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an at... • http://www.debian.org/security/2017/dsa-3863 • CWE-772: Missing Release of Resource after Effective Lifetime •