CVE-2017-16669
https://notcve.org/view.php?id=CVE-2017-16669
coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c.
References:
• http://hg.code.sf.net/p/graphicsmagick/code/rev/135bdcb88b8d
• http://hg.code.sf.net/p/graphicsmagick/code/rev/1b9e64a8901e
• http://hg.code.sf.net/p/graphicsmagick/code/rev/2a21cda3145b
• http://hg.code.sf.net/p/graphicsmagick/code/rev/2b7c826d36af
• http://hg.code.sf.net/p/graphicsmagick/code/rev/3dc7b4e3779d
• http://hg.code.sf.net/p/graphicsmagick/code/rev/75245a215fff
• http://hg.code.sf.net/p/graphicsmagick/code/rev/e8086faa52d0
• http://hg.code.sf.net/p/graphicsmagick/code
Weakness:
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-16547
https://notcve.org/view.php?id=CVE-2017-16547
The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified other impact via a crafted file.
References:
• http://hg.code.sf.net/p/graphicsmagick/code/rev/785758bbbfcc
• https://lists.debian.org/debian-lts-announce/2017/11/msg00016.html
• https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ
• https://sourceforge.net/p/graphicsmagick/bugs/517
• https://usn.ubuntu.com
Weakness:
• CWE-20: Improper Input Validation
CVE-2017-16545
https://notcve.org/view.php?id=CVE-2017-16545
The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via a malformed WPG image.
References:
• http://hg.code.sf.net/p/graphicsmagick/code/rev/e8086faa52d0
• https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ
• https://sourceforge.net/p/graphicsmagick/bugs/519
• https://usn.ubuntu.com/4248-1
• https://www.debian.org/security/2018/dsa-4321
Weakness:
• CWE-476: NULL Pointer Dereference
CVE-2017-16353 – GraphicsMagick - Memory Disclosure / Heap Overflow
https://notcve.org/view.php?id=CVE-2017-16353
GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile information contained in the image. This vulnerability can be triggered with a specially crafted MIFF file. There is an out-of-bounds buffer dereference because certain increments are never checked.
References:
• https://www.exploit-db.com/exploits/43111
• ftp://ftp.graphicsmagick.org/pub/GraphicsMagick/snapshots/ChangeLog.txt
• http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset%3Bnode=e4e1c2a581d8
• http://www.securityfocus.com/bid/101653
• https://blogs.securiteam.com/index.php/archives/3494
• https://lists.debian.org/debian-lts-announce/2017/11/msg00002.html
• https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html
• https://usn.ubuntu.com/4232-1
• https://www.debian.org/security/2018/
Weaknesses:
• CWE-125: Out-of-bounds Read
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-16352 – GraphicsMagick - Memory Disclosure / Heap Overflow
https://notcve.org/view.php?id=CVE-2017-16352
GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted MIFF format file with the verbose flag. GraphicsMagick suffers from memory disclosure and heap overflow vulnerabilities.
References:
• https://www.exploit-db.com/exploits/43111
• ftp://ftp.graphicsmagick.org/pub/GraphicsMagick/snapshots/ChangeLog.txt
• http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset%3Bnode=7292230dd185
• http://www.securityfocus.com/bid/101658
• https://blogs.securiteam.com/index.php/archives/3494
• https://lists.debian.org/debian-lts-announce/2017/11/msg00002.html
• https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html
• https://usn.ubuntu.com/4232-1
• https://www.debian.org/security/2018/
Weakness:
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer