CVSS: 7.8EPSS: 3%CPEs: 2EXPL: 1CVE-2016-8707 – Ubuntu Security Notice USN-3222-1
https://notcve.org/view.php?id=CVE-2016-8707
23 Dec 2016 — An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality. Existe una escritura fuera de límites explotable en el manejo de imágenes TIFF comprimidas en la utilidad de conversión ImageMagicks. Un documento... • http://www.debian.org/security/2017/dsa-3799 • CWE-787: Out-of-bounds Write •
CVSS: 9.1EPSS: 1%CPEs: 1EXPL: 0CVE-2016-6520
https://notcve.org/view.php?id=CVE-2016-6520
13 Dec 2016 — Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact via vectors related to pixel cache morphology. Desbordamiento de búfer en MagickCore/enhance.c en ImageMagick en versiones anteriores a 7.0.2-7 permite a atacantes remotos tener un impacto no especificado a través de vectores relacionados con morfología de caché de píxeles. • http://www.imagemagick.org/script/changelog.php • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-8677 – Ubuntu Security Notice USN-3142-1
https://notcve.org/view.php?id=CVE-2016-8677
30 Nov 2016 — The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure. La función AcquireQuantumPixels en MagickCore/quantum.c en ImageMagick en versiones anteriores a 7.0.3-1 permite a atacantes remotos tener un impacto no especificado a través de un archivo de imagen manipulado, lo que desencadena un fallo en la asignación de memoria. It was discovered that ImageMagick ... • http://lists.opensuse.org/opensuse-updates/2016-10/msg00107.html •
CVSS: 5.5EPSS: 1%CPEs: 3EXPL: 0CVE-2016-9556 – Ubuntu Security Notice USN-3142-1
https://notcve.org/view.php?id=CVE-2016-9556
30 Nov 2016 — The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. La función IsPixelGray en MagickCore/pixel-accessor.h en ImageMagick 7.0.3-8 permite a atacantes remotos provocar una denegación de servicio (lectura de memoria dinámica fuera de límites) a través de un archivo de imagen manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user... • http://lists.opensuse.org/opensuse-updates/2016-12/msg00040.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 4%CPEs: 3EXPL: 0CVE-2016-7799 – Ubuntu Security Notice USN-3142-1
https://notcve.org/view.php?id=CVE-2016-7799
30 Nov 2016 — MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. MagickCore/profile.c en ImageMagick en versiones anteriores a 7.0.3-2 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially... • http://www.debian.org/security/2016/dsa-3726 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-8862 – Ubuntu Security Notice USN-3142-1
https://notcve.org/view.php?id=CVE-2016-8862
30 Nov 2016 — The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. La función AcquireMagickMemory en MagickCore/memory.c en ImageMagick en versiones anteriores a 7.0.3.3 permite a atacantes remotos tener un impacto no especificado a través de una imagen manipulada, lo que desencadena un fallo de asignación de memoria. It was discovered that ImageMagick incorrectly handled ce... • http://www.debian.org/security/2016/dsa-3726 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 2%CPEs: 2EXPL: 0CVE-2016-7906 – Ubuntu Security Notice USN-3142-1
https://notcve.org/view.php?id=CVE-2016-7906
30 Nov 2016 — magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file. magick/attribute.c en ImageMagick 7.0.3-2 permite a atacantes remotos provocar una denegación de servicio (uso después de liberación) a través de un archivo manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploi... • http://www.debian.org/security/2016/dsa-3726 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9812 – Ubuntu Security Notice USN-3131-1
https://notcve.org/view.php?id=CVE-2014-9812
21 Nov 2016 — ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file. ImageMagick permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL) a través de un archivo ps manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possi... • http://www.openwall.com/lists/oss-security/2014/12/24/1 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9817 – Ubuntu Security Notice USN-3131-1
https://notcve.org/view.php?id=CVE-2014-9817
21 Nov 2016 — Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file. Desbordamiento de búfer basado en memoria dinámica en ImageMagick permite a atacantes remotos tener un impacto no especificado a través de un archivo pdb manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a ... • http://www.openwall.com/lists/oss-security/2014/12/24/1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 1%CPEs: 1EXPL: 0CVE-2014-9813 – Ubuntu Security Notice USN-3131-1
https://notcve.org/view.php?id=CVE-2014-9813
21 Nov 2016 — ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file. ImageMagick permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un archivo viff manipulado. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execu... • http://www.openwall.com/lists/oss-security/2014/12/24/1 • CWE-20: Improper Input Validation •