CVE-2018-5248
https://notcve.org/view.php?id=CVE-2018-5248
In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function. En ImageMagick 7.0.7-17 Q16, hay una sobrelectura de búfer basada en memoria dinámica (heap) en la función ReadSIXELImage en coders/sixel.c, relacionada con la función sixel_decode. • http://www.securityfocus.com/bid/102431 https://github.com/ImageMagick/ImageMagick/issues/927 https://usn.ubuntu.com/3681-1 https://www.debian.org/security/2018/dsa-4204 https://www.debian.org/security/2018/dsa-4245 • CWE-125: Out-of-bounds Read •
CVE-2018-5247
https://notcve.org/view.php?id=CVE-2018-5247
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c. ImageMagick 7.0.7-17 Q16 tiene una fuga de memoria en ReadRLAImage en coders/rla.c. • https://github.com/ImageMagick/ImageMagick/issues/928 https://usn.ubuntu.com/3681-1 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVE-2017-18022
https://notcve.org/view.php?id=CVE-2017-18022
In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c. ImageMagick 7.0.7-12 Q16 tiene una fuga de memoria en MontageImageCommand en MagickWand/montage.c. • http://www.securityfocus.com/bid/102437 https://github.com/ImageMagick/ImageMagick/issues/904 https://usn.ubuntu.com/3681-1 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVE-2017-1000476 – ImageMagick: CPU exhaustion vulnerability in function ReadDDSInfo in coders/dds.c
https://notcve.org/view.php?id=CVE-2017-1000476
ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service. Se ha encontrado una vulnerabilidad de agotamiento de CPU en ImageMagick 7.0.7-12 Q16 en la función ReadPDBImage en coders/dds.c. Esta vulnerabilidad permite que los atacantes causen una denegación de servicio. • http://www.securityfocus.com/bid/102428 https://github.com/ImageMagick/ImageMagick/issues/867 https://lists.debian.org/debian-lts-announce/2018/01/msg00002.html https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html https://usn.ubuntu.com/3681-1 https://access.redhat.com/security/cve/CVE-2017-1000476 https://bugzilla.redhat.com/show_bug.cgi?id=1532845 • CWE-400: Uncontrolled Resource Consumption •
CVE-2017-1000445
https://notcve.org/view.php?id=CVE-2017-1000445
ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service ImageMagick 7.0.7-1 y anteriores es vulnerable a una desreferencia de puntero NULL en el componente MagickCore. Esto podría desembocar en una denegación de servicio (DoS). • http://www.securityfocus.com/bid/102368 https://github.com/ImageMagick/ImageMagick/issues/775 https://lists.debian.org/debian-lts-announce/2018/01/msg00002.html https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html https://usn.ubuntu.com/3681-1 • CWE-476: NULL Pointer Dereference •