Page 6 of 33 results (0.015 seconds)

CVSS: 9.3EPSS: 2%CPEs: 24EXPL: 0

Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PALM image, a different vulnerability than CVE-2007-0770. NOTE: some of these details are obtained from third party information. Múltiples desbordamientos inferiores de búfer basados en montículo en la función ReadPALMImage en coders/palm.c de GraphicsMagick before v1.2.3, permite a atacantes remotos provocar una denegación de servicio (caída) o posibilidad de ejecutar código de su elección a través de una imagen PALM manipulada, es un vulnerabilidad diferente a CVE-2007-0770. NOTA: Algunos de estos detalles se han obtenido de terceras personas. • http://cvs.graphicsmagick.org/cgi-bin/cvsweb.cgi/GraphicsMagick/coders/palm.c http://secunia.com/advisories/30549 http://sourceforge.net/project/shownotes.php?release_id=604837 http://sourceforge.net/project/shownotes.php?release_id=604837&group_id=73485 http://www.securityfocus.com/bid/29583 https://exchange.xforce.ibmcloud.com/vulnerabilities/42904 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 7%CPEs: 20EXPL: 0

Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image. NOTE: some of these details are obtained from third party information. Desbordamiento de búfer basado en montículo en la función DecodeImage de coders/pict.c de GraphicsMagick anterior a v1.1.14 y v1.2.x anterior a v1.2.3; permite a atacantes remotos provocar una denegación de servicio (caída) o puede que ejecutar código de su elección a través de una imagen PICT manipulada. NOTA: algunos de los detalles se han obtenido de fuentes de terceros. • http://cvs.graphicsmagick.org/cgi-bin/cvsweb.cgi/GraphicsMagick/coders/pict.c http://secunia.com/advisories/30549 http://sourceforge.net/project/shownotes.php?release_id=604785 http://sourceforge.net/project/shownotes.php?release_id=604837 http://sourceforge.net/project/shownotes.php?release_id=604837&group_id=73485 http://www.securityfocus.com/bid/29583 https://exchange.xforce.ibmcloud.com/vulnerabilities/42906 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 3%CPEs: 20EXPL: 0

Multiple unspecified vulnerabilities in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allow remote attackers to cause a denial of service (crash) via unspecified vectors in (1) XCF and (2) CINEON images. Múltiples vulnerabilidades no especificadas en GraphicsMagick anterior a v1.1.14, y v1.2.x anterior a 1v.2.3, permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores no especificados en (1) XCF y (2) imágenes CINEON. • http://cvs.graphicsmagick.org/cgi-bin/cvsweb.cgi/GraphicsMagick/coders/cineon.c http://cvs.graphicsmagick.org/cgi-bin/cvsweb.cgi/GraphicsMagick/coders/xcf.c http://secunia.com/advisories/30549 http://sourceforge.net/project/shownotes.php?release_id=604785 http://sourceforge.net/project/shownotes.php?release_id=604837 http://sourceforge.net/project/shownotes.php?release_id=604837&group_id=73485 http://www.securityfocus.com/bid/29583 •

CVSS: 5.0EPSS: 5%CPEs: 15EXPL: 0

Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file. Múltiples vulnerabilidades sin especificar en GraphicsMAgick anterior a 1.2.4, permite a atacantes remotos provocar una denegación de servicio (caída, bucle infinito o consumo de memoria) a través de vectores no especificados en los decodificadores (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, y (9) TGA; y (b) la función GetImageCharacteristics en magick/image.c, desde un fichero (10) PNG, (11) JPEG, (12) BMP, o (13) TIFF manipulado. • http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html http://secunia.com/advisories/30879 http://secunia.com/advisories/32151 http://sourceforge.net/forum/forum.php?forum_id=841176 http://sourceforge.net/project/shownotes.php?release_id=610253 http://www.securityfocus.com/bid/30055 http://www.securitytracker.com/id?1020413 http://www.vupen.com/english/advisories/2008/1984/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43511 https://exchange.xforce.ibmcloud& • CWE-399: Resource Management Errors •

CVSS: 5.1EPSS: 1%CPEs: 8EXPL: 0

Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. Múltiples desbordamientos de búfer en GraphicsMagick anterior a 1.1.7 e ImageMagick 6.0.7 permiten a atacantes con intervención del usuario provocar una denegación de servicio y posiblemente ejecutar código de su elección mediante (1) una imagen DCM que no es manejada adecuadamente por la función ReadDCMImage en coders/dcm.c, o (2) una imagen PALM que no es manejada adecuadamente por la función ReadPALMImage en coders/palm.c. • ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9 http://secunia.com/advisories/22569 http://secunia.com/advisories/22572 http://secunia.com/advisories/22601 http://secunia.com/advisories/22604 http://secunia.com/advisories/22819 http://secunia.com/advisories/22834 http://secunia.com/advisories/22998 http://secunia.com/advisories/23090 http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •