CVE-2017-14137
https://notcve.org/view.php?id=CVE-2017-14137
ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header. ReadWEBPImage en coders/webp.c en ImageMagick versión 7.0.6-5, presenta un error causado por una asignación de memoria excesiva, ya que depende solo de un campo longitud en una cabecera. • https://github.com/ImageMagick/ImageMagick/issues/641 https://security.gentoo.org/glsa/201711-07 • CWE-400: Uncontrolled Resource Consumption •
CVE-2017-14139
https://notcve.org/view.php?id=CVE-2017-14139
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c. ImageMagick 7.0.6-2 tiene una vulnerabilidad de fuga de memoria en WriteMSLImage en coders/msl.c. • https://github.com/ImageMagick/ImageMagick/issues/578 https://security.gentoo.org/glsa/201711-07 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVE-2017-14138
https://notcve.org/view.php?id=CVE-2017-14138
ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors. ImageMagick 7.0.6-5 tiene una vulnerabilidad de fuga de memoria en ReadWEBPImage in coders/webp.c ya que la memoria no se libera en algunos casos de error, tal y como lo demuestran los errores VP8. • https://github.com/ImageMagick/ImageMagick/issues/639 https://security.gentoo.org/glsa/201711-07 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVE-2017-12691
https://notcve.org/view.php?id=CVE-2017-12691
The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file. La función ReadOneLayer en coders/xcf.c de ImageMagick 7.0.6-6 permite que atacantes remotos provoquen una denegación de servicio (consumo de memoria) mediante un archivo manipulado. • https://github.com/ImageMagick/ImageMagick/issues/656 https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html https://security.gentoo.org/glsa/201711-07 https://usn.ubuntu.com/3681-1 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2017-12692
https://notcve.org/view.php?id=CVE-2017-12692
The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file. La función ReadVIFFImage en coders/viff.c de ImageMagick 7.0.6-6 permite que atacantes remotos provoquen una denegación de servicio (consumo de memoria) mediante un archivo VIFF manipulado. • https://github.com/ImageMagick/ImageMagick/issues/653 https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html https://security.gentoo.org/glsa/201711-07 https://usn.ubuntu.com/3681-1 • CWE-770: Allocation of Resources Without Limits or Throttling •