CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2017-17915
https://notcve.org/view.php?id=CVE-2017-17915
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadMNGImage in coders/png.c, related to accessing one byte before testing whether a limit has been reached. En GraphicsMagick 1.4 snapshot-20171217 Q8, existe una sobrelectura de búfer basada en memoria dinámica (heap) en ReadMNGImage en coders/png.c. Esto está relacionado con el acceso a un byte antes de probar si se ha alcanzado un límite. • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/1721f1b7e67a https://lists.debian.org/debian-lts-announce/2018/01/msg00005.html https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html https://sourceforge.net/p/graphicsmagick/bugs/535 https://usn.ubuntu.com/4266-1 https://www.debian.org/security/2018/dsa-4321 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-17913
https://notcve.org/view.php?id=CVE-2017-17913
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to an incompatibility with libwebp versions, 0.5.0 and later, that use a different structure type. En GraphicsMagick 1.4 snapshot-20171217 Q8, existe una sobrelectura de búfer basada en pila en WriteWEBPImage en coders/webp.c. Esto está relacionado con una incompatibilidad con las versiones 0.5.0 y posteriores de libwebp, que emplean un tipo de estructura diferente. • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/6dda3c33f35f https://sourceforge.net/p/graphicsmagick/bugs/536 https://usn.ubuntu.com/4266-1 https://www.debian.org/security/2018/dsa-4321 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2017-17912
https://notcve.org/view.php?id=CVE-2017-17912
In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based buffer over-read in ReadNewsProfile in coders/tiff.c, in which LocaleNCompare reads heap data beyond the allocated region. En GraphicsMagick 1.4 snapshot-20171217 Q8, existe una sobrelectura de búfer basada en memoria dinámica (heap) en ReadNewsProfile en coders/tiff.c, donde LocaleNCompare lee datos de la memoria dinámica más allá de la región asignada. • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/0d871e813a4f https://lists.debian.org/debian-lts-announce/2018/01/msg00005.html https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html https://sourceforge.net/p/graphicsmagick/bugs/533 https://usn.ubuntu.com/4266-1 https://www.debian.org/security/2018/dsa-4321 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-17783
https://notcve.org/view.php?id=CVE-2017-17783
In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage in coders/palm.c when QuantumDepth is 8. En GraphicsMagick 1.3.27a, existe una sobrelectura de búfer en ReadPALMImage en coders/palm.c cuando QuantumDepth es 8. • http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset%3Bnode=60932931559a https://sourceforge.net/p/graphicsmagick/bugs/529 https://usn.ubuntu.com/4248-1 https://www.debian.org/security/2018/dsa-4321 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2017-17782
https://notcve.org/view.php?id=CVE-2017-17782
In GraphicsMagick 1.3.27a, there is a heap-based buffer over-read in ReadOneJNGImage in coders/png.c, related to oFFs chunk allocation. En GraphicsMagick 1.3.27a, hay una sobrelectura de búfer basada en memoria dinámica (heap) en ReadOneJNGImage en coders/png. c. Esto está relacionado con la asignación de chunks oFFs. • http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset%3Bnode=8e3d2264109c https://lists.debian.org/debian-lts-announce/2018/01/msg00005.html https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html https://sourceforge.net/p/graphicsmagick/bugs/530 https://usn.ubuntu.com/4248-1 https://www.debian.org/security/2018/dsa-4321 • CWE-125: Out-of-bounds Read •