CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-13063
https://notcve.org/view.php?id=CVE-2017-13063
22 Aug 2017 — GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12. GraphicsMagick 1.3.26 tiene una vulnerabilidad de desbordamiento de búfer basado en montículos en la función GetStyleTokens en coders/svg.c:314:12. • http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-13065
https://notcve.org/view.php?id=CVE-2017-13065
22 Aug 2017 — GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c. GraphicsMagick 1.3.26 tiene una vulnerabilidad de desreferencia de puntero NULL en la función SVGStartElement en coders/svg.c. • http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 0CVE-2017-13064 – Ubuntu Security Notice USN-4222-1
https://notcve.org/view.php?id=CVE-2017-13064
22 Aug 2017 — GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12. GraphicsMagick 1.3.26 tiene una vulnerabilidad de desbordamiento de búfer basado en montículos en la función GetStyleTokens en coders/svg.c:311:12. It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. • http://hg.code.sf.net/p/graphicsmagick/code/rev/54f48ab2d52a • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 6%CPEs: 3EXPL: 0CVE-2017-12936
https://notcve.org/view.php?id=CVE-2017-12936
18 Aug 2017 — The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting. La función ReadWMFImage en coders/wmf.c de GraphicsMagick 1.3.26 tiene un problema de uso de memoria previamente liberada para los datos asociados con el informe de excepciones. • http://hg.code.sf.net/p/graphicsmagick/code/rev/be898b7c97bd • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-12935 – Ubuntu Security Notice USN-4222-1
https://notcve.org/view.php?id=CVE-2017-12935
18 Aug 2017 — The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c. La función ReadMNGImage en coders/png.c de GraphicsMagick 1.3.26 maneja incorrectamente imágenes MNG de gran tamaño, provocando que haya lecturas de memoria no válidas en la función SetImageColorCallBack en magick/image.c. It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possi... • http://hg.code.sf.net/p/graphicsmagick/code/rev/cd699a44f188 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-12937
https://notcve.org/view.php?id=CVE-2017-12937
18 Aug 2017 — The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read. La función ReadSUNImage en coders/sun.c de GraphicsMagick 1.3.26 tiene una vulnerabilidad de desbordamiento de búfer basado en montículos en la matriz de colores. • http://hg.code.sf.net/p/graphicsmagick/code/rev/95d00d55e978 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11722
https://notcve.org/view.php?id=CVE-2017-11722
28 Jul 2017 — The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. This resulted in a logging statement executing outside of a loop, and consequently using an invalid array index corresponding to the loop's exit condition. La función WriteOnePNGImage en el archivo coders/png.c en GraphicsMagick versión 1.3.26 ... • http://hg.code.sf.net/p/graphicsmagick/code/rev/f423ba88ca4e • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2017-11636 – Ubuntu Security Notice USN-4206-1
https://notcve.org/view.php?id=CVE-2017-11636
26 Jul 2017 — GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical widths. GraphicsMagick 1.3.26 tiene un desbordamiento de memoria dinámica (heap) en la función WriteRGBImage() en coders/rgb.c cuando se procesan múltiples tramas que no tienen anchuras idénticas. It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service. • http://hg.code.sf.net/p/graphicsmagick/code/rev/39961adf974c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11637
https://notcve.org/view.php?id=CVE-2017-11637
26 Jul 2017 — GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images. GraphicsMagick 1.3.26 tiene una desreferencia de puntero NULL en la función WritePCLImage() en coders/pcl.c durante la escritura de imágenes monocroma. • http://hg.code.sf.net/p/graphicsmagick/code/rev/f3ffc5541257 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11643
https://notcve.org/view.php?id=CVE-2017-11643
26 Jul 2017 — GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in coders/cmyk.c when processing multiple frames that have non-identical widths. GraphicsMagick versión 1.3.26 presenta un desbordamiento de pila en la función WriteCMYKImage() en el archivo coders/cmyk.c cuando se procesan varios tramas que tienen anchos no idénticos. • http://hg.code.sf.net/p/graphicsmagick/code/rev/d00b74315a71 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •