Page 9 of 169 results (0.030 seconds)

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior through a division by zero. The highest threat from this vulnerability is to system availability. Se encontró un fallo en ImageMagick en el archivo MagickCore/gem.c. Un atacante que envía un archivo diseñado que es procesado por ImageMagick podría desencadenar un comportamiento indefinido en la forma de una división matemática por cero. • https://bugzilla.redhat.com/show_bug.cgi?id=1916610 https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html https://lists.debian.org/debian-lts-announce/2023/05/msg00020.html • CWE-369: Divide By Zero •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 1

in SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size. The patch resets the depth to a proper size before throwing an exception. The memory leak can be triggered by a crafted input file that is processed by ImageMagick and could cause an impact to application reliability, such as denial of service. This flaw affects ImageMagick versions prior to 7.0.9-0. En la función SetImageExtent() del archivo /MagickCore/image.c, un tamaño de profundidad de imagen incorrecto puede causar una pérdida de memoria porque el código que verifica el tamaño de profundidad de imagen apropiado no restablece el tamaño en caso de que haya un tamaño no válido. • https://bugzilla.redhat.com/show_bug.cgi?id=1894232 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1

There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file. These leaks could potentially lead to an impact to application availability or cause a denial of service. It was originally reported that the issues were in `AcquireMagickMemory()` because that is where LeakSanitizer detected the leaks, but the patch resolves issues in the MIFF coder, which incorrectly handles data being passed to `AcquireMagickMemory()`. This flaw affects ImageMagick versions prior to 7.0.9-0. Se presentan varias pérdidas de memoria en el codificador MIFF en el archivo /coders/miff.c debido a valores de profundidad de imagen inapropiados, que pueden activarse mediante un archivo de entrada especialmente diseñado. • https://bugzilla.redhat.com/show_bug.cgi?id=1894229 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 1

A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0. Se encontró un fallo en ImageMagick en el archivo MagickCore/quantum-private.h. • https://bugzilla.redhat.com/show_bug.cgi?id=1894226 • CWE-122: Heap-based Buffer Overflow •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1

TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of a raw C string to remedy this. This could cause an impact to availability of the application. This flaw affects ImageMagick versions prior to 7.0.9-0. La función TIFFGetProfiles() en el archivo /coders/tiff.c llama a la función strstr() lo que causa una gran lectura fuera de límites cuando busca `"dc:format=\"image/dng\"` dentro de "profile" debido al manejo inapropiado de una cadena, cuando un archivo de entrada diseñado es proporcionado a ImageMagick. • https://bugzilla.redhat.com/show_bug.cgi?id=1891613 • CWE-122: Heap-based Buffer Overflow •