CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-7606
https://notcve.org/view.php?id=CVE-2017-7606
coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. coders/rle.c en ImageMagick 7.0.5-4 tiene un problema de comportamiento "fuera de rango de valores representables de caracter sin signo" no definido, lo que podrían permitir a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o posiblemente tener otro impacto no especificado a través de una imagen manipulada. • http://www.debian.org/security/2017/dsa-3863 http://www.securityfocus.com/bid/98685 https://blogs.gentoo.org/ago/2017/04/02/imagemagick-undefined-behavior-in-codersrle-c • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9825
https://notcve.org/view.php?id=CVE-2014-9825
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824. Desbordamiento de búfer basado en memoria dinámica en ImageMagick permite a atacantes remotos tener un impacto no especificado a través de un archivo psd manipulado, una vulnerabilidad diferente a CVE-2014-9824. • http://www.openwall.com/lists/oss-security/2014/12/24/1 http://www.openwall.com/lists/oss-security/2016/06/02/13 https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=69490f5cffbda612e15a2985699455bb0b45e276 https://bugzilla.redhat.com/show_bug.cgi?id=1343481 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9804
https://notcve.org/view.php?id=CVE-2014-9804
vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to "too many object." vision.c en ImageMagick permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de vectores relacionados con "demasiados objetos". • http://www.openwall.com/lists/oss-security/2014/12/24/1 http://www.openwall.com/lists/oss-security/2016/06/02/13 https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=c504b8e1a1ca6f158f2d08bd33c62ce4865497ee https://bugzilla.redhat.com/show_bug.cgi?id=1343459 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9824
https://notcve.org/view.php?id=CVE-2014-9824
Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825. Desbordamiento de búfer basado en memoria dinámica en ImageMagick permite a atacantes remotos tener un impacto no especificado a través de un archivo psd manipulado, una vulnerabilidad diferente a CVE-2014-9825 • http://www.openwall.com/lists/oss-security/2014/12/24/1 http://www.openwall.com/lists/oss-security/2016/06/02/13 https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=09561d37839dbfa04e017eea14811312985095d8 https://bugzilla.redhat.com/show_bug.cgi?id=1343480 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7275
https://notcve.org/view.php?id=CVE-2017-7275
The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866. La función ReadPCXImage en coders/pcx.c en ImageMagick 7.0.4.9 permite a atacantes remotos provocar una denegación de servicio (intento de asignación de memoria grande y caída de la aplicación ) a través de un archivo manipulado. NOTA: Esta vulnerabilidad existe Debido a una solución incompleta para CVE-2016-8862 y CVE-2016-8866. • http://www.securityfocus.com/bid/97166 https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866 https://github.com/ImageMagick/ImageMagick/issues/271 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •