CVE-2017-14682
https://notcve.org/view.php?id=CVE-2017-14682
GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928. GetNextToken en MagickCore/token.c en ImageMagick 7.0.6 permite que atacantes remotos provoquen una denegación de servicio (desbordamiento de búfer basado en memoria dinámica o heap y cierre inesperado de aplicación) o, probablemente, provocar cualquier otro tipo de problema mediante un documento SVG modificado. Esta es una vulnerabilidad diferente a CVE-2017-10928. • https://usn.ubuntu.com/3681-1 https://www.debian.org/security/2017/dsa-4032 https://www.debian.org/security/2017/dsa-4040 https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32726 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-14625
https://notcve.org/view.php?id=CVE-2017-14625
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_output_create in coders/sixel.c. ImageMagick 7.0.7-0 Q16 tiene una vulnerabilidad de desreferencia de puntero NULL en la función sixel_output_create en coders/sixel.c. • http://www.securityfocus.com/bid/100941 https://github.com/ImageMagick/ImageMagick/issues/721 https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html https://usn.ubuntu.com/3681-1 • CWE-476: NULL Pointer Dereference •
CVE-2017-14624
https://notcve.org/view.php?id=CVE-2017-14624
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function PostscriptDelegateMessage in coders/ps.c. ImageMagick 7.0.7-0 Q16 tiene una vulnerabilidad de desreferencia de puntero NULL en la función PostscriptDelegateMessage en coders/ps.c. • http://www.securityfocus.com/bid/100940 https://github.com/ImageMagick/ImageMagick/issues/722 https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html https://usn.ubuntu.com/3681-1 • CWE-476: NULL Pointer Dereference •
CVE-2017-14626
https://notcve.org/view.php?id=CVE-2017-14626
ImageMagick 7.0.7-0 Q16 has a NULL Pointer Dereference vulnerability in the function sixel_decode in coders/sixel.c. ImageMagick 7.0.7-0 Q16 tiene una vulnerabilidad de desreferencia de puntero NULL en la función sixel_decode en coders/sixel.c. • http://www.securityfocus.com/bid/100943 https://github.com/ImageMagick/ImageMagick/issues/720 https://github.com/ImageMagick/ImageMagick/issues/721 https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html https://usn.ubuntu.com/3681-1 • CWE-476: NULL Pointer Dereference •
CVE-2017-14607
https://notcve.org/view.php?id=CVE-2017-14607
In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash. En ImageMagick 7.0.7-4 Q16 se ha detectado un error de lectura fuera de límites relacionado con la función ReadTIFFImage en coders/tiff.c. Un atacante podría explotar esta vulnerabilidad para divulgar memoria sensible o provocar el cierre inesperado de la aplicación. • http://www.securityfocus.com/bid/100944 https://github.com/ImageMagick/ImageMagick/issues/765 https://usn.ubuntu.com/3681-1 https://www.debian.org/security/2017/dsa-4032 https://www.debian.org/security/2017/dsa-4040 • CWE-125: Out-of-bounds Read •