CVSS: 9.8EPSS: 2%CPEs: 9EXPL: 1CVE-2016-5689 – Debian Security Advisory 3652-1
https://notcve.org/view.php?id=CVE-2016-5689
26 Aug 2016 — The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks. El DCM reader en ImageMagick en versiones anteriores a 6.9.4-5 y 7.x en versiones anteriores a 7.0.1-7 permite a atacantes remotos tener un impacto no especificado aprovechando la falta de validación de punteros NULL. handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary ... • http://www.openwall.com/lists/oss-security/2016/06/14/5 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 5%CPEs: 3EXPL: 1CVE-2016-5841 – Debian Security Advisory 3652-1
https://notcve.org/view.php?id=CVE-2016-5841
26 Aug 2016 — Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable. Desbordamiento de entero en MagickCore/profile.c en ImageMagick en versiones anteriores a 7.0.2-1 permite a atacantes remotos provocar una denegación de servicio (fallo de segmentación) o posiblemente ejecutar código arbitrario a través de vectores que implican a la variable offset. handl... • http://www.openwall.com/lists/oss-security/2016/06/23/1 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 2%CPEs: 9EXPL: 1CVE-2016-5690 – Debian Security Advisory 3652-1
https://notcve.org/view.php?id=CVE-2016-5690
26 Aug 2016 — The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table. La función ReadDCMImage en DCM reader en ImageMagick en versiones anteriores a 6.9.4-5 y 7.x en versiones anteriores a 7.0.1-7 permite a atacantes remotos tener un impacto no especificado a través de vectores que implican la instrucción por computación de la tabla de escalado de píxeles. h... • http://www.openwall.com/lists/oss-security/2016/06/14/5 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 1%CPEs: 9EXPL: 1CVE-2016-5691 – Debian Security Advisory 3652-1
https://notcve.org/view.php?id=CVE-2016-5691
26 Aug 2016 — The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue. El DCM reader en ImageMagick en versiones anteriores a 6.9.4-5 y 7.x en versiones anteriores a 7.0.1-7 permite a atacantes remotos tener un impacto no especificado al aprovechar la falta de validación de (1) pixel.red, (2) pixel.green y (3) pixel.blue. handling problems and cases of missing or incomplete... • http://www.openwall.com/lists/oss-security/2016/06/14/5 • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 2%CPEs: 7EXPL: 0CVE-2016-5688 – Debian Security Advisory 3652-1
https://notcve.org/view.php?id=CVE-2016-5688
26 Aug 2016 — The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions. El analizador WPG en ImageMagick en versiones anteriores a 6.9.4-4 y 7.x en versiones anteriores a 7.0.1-5, cuando se establece un lí... • http://www.openwall.com/lists/oss-security/2016/06/14/5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 2CVE-2016-5842 – Gentoo Linux Security Advisory 201611-21
https://notcve.org/view.php?id=CVE-2016-5842
26 Aug 2016 — MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read. MagickCore/property.c en ImageMagick en versiones anteriores a 7.0.2-1 permite a atacantes remotos obtener información de memoria sensible a través de vectores que implican a la variable q, lo que desencadena una lectura fuera de límites. handling problems and cases of missing or incomplete input sanitising may result i... • http://www.openwall.com/lists/oss-security/2016/06/23/1 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 20EXPL: 2CVE-2016-6491 – Gentoo Linux Security Advisory 201611-21
https://notcve.org/view.php?id=CVE-2016-6491
26 Aug 2016 — Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image. Desbordamiento de búfer en la función Get8BIMProperty en MagickCore/property.c en ImageMagick en versiones anteriores a 6.9.5-4 y 7.x en versiones anteriores a 7.0.2-6 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites, fuga de ... • http://www.openwall.com/lists/oss-security/2016/07/28/13 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 2%CPEs: 25EXPL: 0CVE-2015-8896 – ImageMagick: Integer truncation vulnerability in coders/pict.c
https://notcve.org/view.php?id=CVE-2015-8896
17 Jun 2016 — Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file. Problema de truncamiento de entero en coders/pict.c en ImageMagick en versiones anteriores a 7.0.5-0 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un archivo .pict manipulado. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple... • http://www.openwall.com/lists/oss-security/2015/10/07/2 •
CVSS: 7.5EPSS: 1%CPEs: 74EXPL: 0CVE-2015-8895 – ImageMagick: Integer and buffer overflow in coders/icon.c
https://notcve.org/view.php?id=CVE-2015-8895
17 Jun 2016 — Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow. Desbordamiento de entero en coders/icon.c en ImageMagick 6.9.1-3 y versiones posteriores permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un valor de longitud manipulado, lo que desencadena un desbordamiento de búfer. ImageMagick is an image display and mani... • http://www.openwall.com/lists/oss-security/2016/06/02/13 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4563 – Debian Security Advisory 3652-1
https://notcve.org/view.php?id=CVE-2016-4563
04 Jun 2016 — The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. La función TraceStrokePolygon en MagickCore/draw.c en ImageMagick en versiones anteriores a 6.9.4-0 y 7.x en versiones anteriores a 7.0.1-2 no maneja correctam... • http://www.imagemagick.org/script/changelog.php • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •