CVSS: 9.3EPSS: 0%CPEs: 57EXPL: 1CVE-2007-4987
https://notcve.org/view.php?id=CVE-2007-4987
24 Sep 2007 — Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address. Error de superación de límite (off-by-one) en la función ReadBlobString en blob.c de ImageMagick versiones anteriores a 6.3.5-9 permite a atacantes locales o remotos dependientes del contexto ejecutar código de su elección mediante un fichero de imagen manipula... • http://bugs.gentoo.org/show_bug.cgi?id=186030 • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2007-4988 – Integer overflow in ImageMagick's DIB coder
https://notcve.org/view.php?id=CVE-2007-4988
24 Sep 2007 — Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow. Error de extensión de signo en la función ReadDIBImage de ImageMagick versiones anteriores a 6.3.5-9 permite a atacantes locales o remotos dependientes del contexto ejecutar código de su elección mediante un valor de ancho manipulado en un fichero de imagen,... • http://bugs.gentoo.org/show_bug.cgi?id=186030 • CWE-190: Integer Overflow or Wraparound CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 8.8EPSS: 15%CPEs: 30EXPL: 0CVE-2007-1797 – Heap overflow in ImageMagick's DCM and XWD coders
https://notcve.org/view.php?id=CVE-2007-1797
02 Apr 2007 — Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667. Múltiples desbordamientos de búfer de enteros en ImageMagick anterior a 6.3.3-5 permite a atacantes remotos ejecutar código de su elec... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=496 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 4%CPEs: 2EXPL: 0CVE-2007-0770
https://notcve.org/view.php?id=CVE-2007-0770
12 Feb 2007 — Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to an incomplete patch for CVE-2006-5456. Desbordamiento de búfer en GraphicsMagick y ImageMagick permite a atacantes con la intervención del usuario provocar denegación de servicio y posiblemente ejecutar código de su elección a través de u... • http://secunia.com/advisories/24167 •
CVSS: 9.3EPSS: 3%CPEs: 6EXPL: 0CVE-2006-5868 – Insufficient boundary check in ImageMagick's SGIDecode()
https://notcve.org/view.php?id=CVE-2006-5868
22 Nov 2006 — Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image. Múltiples desbordamientos de búfer en Imagemagick 6.0 anterior a 6.0.6.2, y 6.2 anterior a 6.2.4.5, tiene un impacto desconocido y vectores de ataque con la complicidad del usuario a través de una imagen SGI manipulada. • ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2006-5456 – Overflows in GraphicsMagick and ImageMagick's DCM and PALM handling routines
https://notcve.org/view.php?id=CVE-2006-5456
23 Oct 2006 — Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. Múltiples desbordamientos de búfer en GraphicsMagick anterior a 1.1.7 e ImageMagick 6.0.7 permiten a atacantes con intervención del usuario provoc... • ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 2%CPEs: 16EXPL: 0CVE-2006-3744
https://notcve.org/view.php?id=CVE-2006-3744
25 Aug 2006 — Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows. Múltiples desbordamientos de entero en ImageMagick anterior a 6.2.9 permiten a atacantes con la intervención del usuario ejecutar código de su elección mediante imágenes Sun Rasterfile (bitmap) manipuladas que provocan desbordamientos de búfer basado en montón. • ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 2%CPEs: 16EXPL: 0CVE-2006-3743
https://notcve.org/view.php?id=CVE-2006-3743
25 Aug 2006 — Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images. Múltiples vulnerabilidades de desbordamiento de búfer en ImageMagick anterior a 6.2.9 permiten a atacantes con la intervención del usuario ejecutar código de su elección mediante imágenes XCF manipuladas. • ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc •
CVSS: 8.8EPSS: 14%CPEs: 29EXPL: 3CVE-2006-4144 – ImageMagick 6.x - '.SGI' Image File Remote Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-4144
15 Aug 2006 — Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow. Desbordamiento de entero en la función ReadSGIImage en sgi.c de ImageMagick anterior a 6.2.9 permite a atacantes con la intervención del usuario provocar una denegación de servicio (caída) y posiblemente ejecutar cód... • https://www.exploit-db.com/exploits/28383 •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2006-2440
https://notcve.org/view.php?id=CVE-2006-2440
18 May 2006 — Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function. • ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc •