Page 48 of 601 results (0.007 seconds)

CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 1

In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call. Se ha encontrado una vulnerabilidad de bucle grande en ImageMagick 7.0.7-12 Q16 en la función ExtractPostscript en coders/wpg.c. Esta vulnerabilidad permite que los atacantes provoquen una denegación de servicio (agotamiento de CPU) mediante un archivo de imagen wpg manipulado que desencadena una llamada ReadWPGImage. • http://www.securityfocus.com/bid/102202 https://github.com/ImageMagick/ImageMagick/issues/870 https://lists.debian.org/debian-lts-announce/2018/01/msg00000.html https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html https://usn.ubuntu.com/3681-1 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 1

In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file. Se ha encontrado una vulnerabilidad de bucle infinito en ImageMagick 7.0.7-12 Q16 en la función ReadPSDChannelZip en coders/psd.c. Esta vulnerabilidad permite que los atacantes provoquen una denegación de servicio (agotamiento de CPU) mediante un archivo de imagen psd manipulado. • http://www.securityfocus.com/bid/102206 https://github.com/ImageMagick/ImageMagick/issues/869 https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html https://usn.ubuntu.com/3681-1 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0

ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp. ImageMagick en versiones anteriores a la 6.9.9-24 y versiones 7.x anteriores a la 7.0.7-12 presenta un uso de memoria previamente liberada en Magick::Image::read en Magick++/lib/Image.cpp. • http://www.securityfocus.com/bid/102155 https://github.com/ImageMagick/ImageMagick/commit/8c35502217c1879cb8257c617007282eee3fe1cc https://github.com/ImageMagick/ImageMagick/commit/dd96d671e4d5ae22c6894c302e8996c13f24c45a https://usn.ubuntu.com/3681-1 https://www.debian.org/security/2017/dsa-4074 https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=33078&sid=5fbb164c3830293138917f9b14264ed1 • CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 1

ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage. ImageMagick en versiones anteriores a la 7.0.7-12 presenta una sobrelectura de búfer basada en memoria dinámica (heap) en coders/png.c Magick_png_read_raw_profile mediante un archivo manipulado, relacionado con ReadOneMNGImage. • https://github.com/ImageMagick/ImageMagick/issues/872 https://lists.debian.org/debian-lts-announce/2018/01/msg00000.html https://usn.ubuntu.com/3681-1 https://www.debian.org/security/2017/dsa-4074 https://www.debian.org/security/2018/dsa-4204 • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 3%CPEs: 7EXPL: 0

The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file. La función ReadWPGImage en coders/wpg.c en ImageMagick 7.0.7-9 no valida correctamente el índice de mapa de colores en una paleta WPG, lo que permite que atacantes remotos provoquen una denegación de servicio (uso de datos no inicializados o asignación de memoria no válida) o, posiblemente, causen otros impactos no especificados mediante un archivo WPG mal formada. • https://github.com/ImageMagick/ImageMagick/commit/2130bf6f89ded32ef0c88a11694f107c52566c53 https://github.com/ImageMagick/ImageMagick/commit/e04cf3e9524f50ca336253513d977224e083b816 https://github.com/ImageMagick/ImageMagick/issues/851 https://usn.ubuntu.com/3681-1 https://www.debian.org/security/2017/dsa-4040 https://www.debian.org/security/2017/dsa-4074 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •