CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 1CVE-2019-7397 – ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c
https://notcve.org/view.php?id=CVE-2019-7397
In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. En ImageMagick, en versiones anteriores a la 7.0.8-25, y GraphicsMagick, hasta la versión 1.3.31, existen varias vulnerabilidades de fuga de memoria en WritePDFImage en coders/pdf.c. • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1 http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html http://www.securityfocus.com/bid/106847 https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82 https://github.com/ImageMagick/ImageMagick/issues/1454 https://usn.ubuntu.com/4034-1 https://www.debian.org/security/2020/dsa-4712 https://access.redhat.com/security&#x • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-18544 – ImageMagick: memory leak in WriteMSLImage of coders/msl.c
https://notcve.org/view.php?id=CVE-2018-18544
There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31. Hay una fuga de memoria en la función WriteMSLImage en coders/msl.c en ImageMagick 7.0.8-13 Q16, así como en la función ProcessMSLScript de coders/msl.c en GraphicsMagick en versiones anteriores a la 1.3.31. • http://hg.code.sf.net/p/graphicsmagick/code/file/233618f8fe82/ChangeLog http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html https://github.com/ImageMagick/ImageMagick/issues/1360 https://usn.ubuntu.com/4034-1 https://access.redhat.com/security/cve/CVE-2018-18544 https://bugzilla.redhat.com/show_bug.cgi?id=1642614 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 1%CPEs: 2EXPL: 2CVE-2017-15277
https://notcve.org/view.php?id=CVE-2017-15277
ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data sometimes can be leaked via the uninitialized palette. ReadGIFImage en coders/gif.c en ImageMagick 7.0.6-1 y GraphicsMagick 1.3.26 deja sin inicializar la paleta cuando se procesa un archivo GIF que no tiene ni una paleta global ni una local. Si el producto afectado se utiliza como una librería cargada en un proceso que opera en datos de interés, estos datos pueden filtrarse a veces mediante la paleta no inicializada. • https://github.com/hexrom/ImageMagick-CVE-2017-15277 https://github.com/ImageMagick/ImageMagick/commit/9fd10cf630832b36a588c1545d8736539b2f1fb5 https://github.com/ImageMagick/ImageMagick/issues/592 https://github.com/neex/gifoeb https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html https://usn.ubuntu.com/3681-1 https://usn.ubuntu.com/4232-1 https://www.debian.org/security/2017/dsa-4032 https://www.debian.org/security/2017/dsa-4040 https://www.debian.org/security/2018/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2017-9098
https://notcve.org/view.php?id=CVE-2017-9098
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c. ImageMagick anterior a versión 7.0.5-2 y GraphicsMagick anterior a versión 1.3.24 usan memoria no inicializada en el decodificador RLE, lo que permite que un atacante filtrar información confidencial del espacio de memoria de proceso, como lo demuestran los ataques remotos contra el código de ImageMagick en un proceso de servidor de larga duración que convierte los datos de imagen en favor de múltiples usuarios. Esto es causado por una falta de pasos de inicialización en la función ReadRLEImage en el archivo coders/rle.c. • http://hg.code.sf.net/p/graphicsmagick/code/diff/0a5b75e019b6/coders/rle.c http://www.debian.org/security/2017/dsa-3863 http://www.securityfocus.com/bid/98593 https://github.com/ImageMagick/ImageMagick/commit/1c358ffe0049f768dd49a8a889c1cbf99ac9849b https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html https://scarybeastsecurity.blogspot.com/2017/05/bleed-continues-18-byte-file-14k-bounty.html • CWE-908: Use of Uninitialized Resource •
CVSS: 10.0EPSS: 74%CPEs: 24EXPL: 0CVE-2016-5118 – ImageMagick: Remote code execution via filename
https://notcve.org/view.php?id=CVE-2016-5118
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename. La función OpenBlob en blob.c en GraphicsMagick en versiones anteriores a 1.3.24 y ImageMagick permite a atacantes remotos ejecutar código arbitrario a través del caractér | (tubería) en el inicio del nombre de archivo. It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privileges of the user running the application. • http://git.imagemagick.org/repos/ImageMagick/commit/40639d173aa8c76b850d625c630b711fee4dcfb8 http://hg.code.sf.net/p/graphicsmagick/code/file/41876934e762/ChangeLog http://hg.code.sf.net/p/graphicsmagick/code/rev/ae3928faa858 http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg0002 • CWE-20: Improper Input Validation •