CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4562
https://notcve.org/view.php?id=CVE-2016-4562
The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. La función DrawDashPolygon en MagickCore/draw.c en ImageMagick en versiones anteriores a 6.9.4-0 y 7.x en versiones anteriores a 7.0.1-2 no maneja correctamente los cálculos de ciertos vértices de datos integrados, lo que permite a atacantes remotos provocar una denegación de servicio (desbordamiento de buffer y caída de aplicación) o posiblemente tener otro impacto no especificado a través de un archivo manipulado. • http://www.imagemagick.org/script/changelog.php http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4563
https://notcve.org/view.php?id=CVE-2016-4563
The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. La función TraceStrokePolygon en MagickCore/draw.c en ImageMagick en versiones anteriores a 6.9.4-0 y 7.x en versiones anteriores a 7.0.1-2 no maneja correctamente la relación entre el valor BezierQuantum y ciertos trazos de datos, lo que permite a atacantes remotos provocar una denegación de servicio (desbordamiento de buffer y caída de aplicación) o posiblemente tener otro impacto no especificado a través de un archivo manipulado. • http://www.imagemagick.org/script/changelog.php http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4564
https://notcve.org/view.php?id=CVE-2016-4564
The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. La función DrawImage en MagickCore/draw.c en ImageMagick en versiones anteriores a 6.9.4-0 y 7.x en versiones anteriores a 7.0.1-2 hace una llamada a una función incorrecta intentando localizar el siguiente token, lo que permite a atacantes remotos provocar una denegación de servicio (desbordamiento de buffer y caída de aplicación) o posiblemente tener otro impacto no especificado a través de un archivo manipulado. • http://www.imagemagick.org/script/changelog.php http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html https://github.com/ImageMagick/ImageMagick/commit/726812fa2fa7ce16bcf58f6e115f65427a1c0950 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 97%CPEs: 12EXPL: 7CVE-2016-3714 – ImageMagick Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2016-3714
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "ImageTragick." Los codificadores (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN y (8) PLT en ImageMagick en versiones anteriores a 6.9.3-10 y 7.x en versiones anteriores a 7.0.1-1 permiten a atacantes remotos ejecutar código arbitrario a través de metacaracteres shell en una imagen manipulada, también conocido como "ImageTragick". It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privileges of the user running the application. ImageMagick contains an improper input validation vulnerability that affects the EPHEMERAL, HTTPS, MVG, MSL, TEXT, SHOW, WIN, and PLT coders. • https://www.exploit-db.com/exploits/39767 https://www.exploit-db.com/exploits/39791 https://github.com/Hood3dRob1n/CVE-2016-3714 https://github.com/jpeanut/ImageTragick-CVE-2016-3714-RShell https://github.com/chusiang/CVE-2016-3714.ansible.role https://github.com/JoshMorrison99/CVE-2016-3714 https://github.com/tommiionfire/CVE-2016-3714 http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog http://lists.opensuse.org/opensuse-security-announce/2016-05/msg • CWE-20: Improper Input Validation •
CVSS: 5.8EPSS: 81%CPEs: 84EXPL: 2CVE-2016-3715 – ImageMagick Arbitrary File Deletion Vulnerability
https://notcve.org/view.php?id=CVE-2016-3715
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image. El codificador EPHEMERAL en ImageMagick en versiones anteriores a 6.9.3-10 y 7.x en versiones anteriores a 7.0.1-1 permite a atacantes remotos eliminar archivos arbitrarios a través de una imagen manipulada. It was discovered that certain ImageMagick coders and pseudo-protocols did not properly prevent security sensitive operations when processing specially crafted images. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would allow the attacker to delete arbitrary files. ImageMagick contains an unspecified vulnerability that could allow users to delete files by using ImageMagick's 'ephemeral' pseudo protocol, which deletes files after reading. • https://www.exploit-db.com/exploits/39767 http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html http&# • CWE-20: Improper Input Validation •