Page 48 of 242 results (0.010 seconds)

CVSS: 2.6EPSS: 46%CPEs: 29EXPL: 3

Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow. Desbordamiento de entero en la función ReadSGIImage en sgi.c de ImageMagick anterior a 6.2.9 permite a atacantes con la intervención del usuario provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante (1) bytes_per_pixel, (2) columnas, y (3) valores de fila, que provocan un desbordamiento de búfer basado en montón. • https://www.exploit-db.com/exploits/28383 ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc http://secunia.com/advisories/21462 http://secunia.com/advisories/21525 http://secunia.com/advisories/21621 http://secunia.com/advisories/21671 http://secunia.com/advisories/21679 http://secunia.com/advisories/21832 http://secunia.com/advisories/22036 http://secunia.com/advisories/22096 http://secunia.com/advisories/22998 http://security.gentoo.org/glsa/glsa&# •

CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0

Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function. • ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595 http://secunia.com/advisories/21719 http://secunia.com/advisories/24186 http://secunia.com/advisories/24284 http://www.debian.org/security/2006/dsa-1168 http://www.redhat.com/support/errata/RHSA-2007-0015.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9481 https://access.redhat.com/security/cve/CVE-2006-2 •

CVSS: 7.2EPSS: 0%CPEs: 58EXPL: 0

ImageMagick before 6.2.4.2-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime. • http://secunia.com/advisories/17427 http://www.gentoo.org/security/en/glsa/glsa-200511-02.xml http://www.osvdb.org/20528 http://www.securityfocus.com/bid/15120 http://www.vupen.com/english/advisories/2005/2281 •

CVSS: 5.0EPSS: 3%CPEs: 43EXPL: 1

The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask. • http://bugs.gentoo.org/show_bug.cgi?id=90423 http://secunia.com/advisories/15429 http://secunia.com/advisories/15446 http://secunia.com/advisories/15453 http://security.gentoo.org/glsa/glsa-200505-16.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:107 http://www.osvdb.org/16774 http://www.osvdb.org/16775 http://www.redhat.com/support/errata/RHSA-2005-480.html http://www.securityfocus.com/bid/13705 https://oval.cisecurity.org/repository/search/defini •

CVSS: 5.0EPSS: 2%CPEs: 29EXPL: 5

Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value. • https://www.exploit-db.com/exploits/25527 http://bugs.gentoo.org/show_bug.cgi?id=90423 http://seclists.org/lists/bugtraq/2005/Apr/0407.html http://www.imagemagick.org/script/changelog.php http://www.mandriva.com/security/advisories?name=MDKSA-2005:107 http://www.overflow.pl/adv/imheapoverflow.txt http://www.redhat.com/support/errata/RHSA-2005-413.html http://www.securityfocus.com/bid/13351 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3 •