VYPR

CWE-772

Missing Release of Resource after Effective Lifetime

BaseDraftLikelihood: High

Description

The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-469

CVEs mapped to this weakness (345)

page 10 of 18
  • CVE-2017-11644MedJul 26, 2017
    risk 0.42cvss 6.5epss 0.02

    When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadMATImage() function in coders/mat.c.

  • CVE-2017-11539MedJul 23, 2017
    risk 0.42cvss 6.5epss 0.02

    When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage() function in coders/png.c.

  • CVE-2017-11538MedJul 23, 2017
    risk 0.42cvss 6.5epss 0.02

    When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteOnePNGImage() function in coders/png.c.

  • CVE-2017-11536MedJul 23, 2017
    risk 0.42cvss 6.5epss 0.01

    When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteJP2Image() function in coders/jp2.c.

  • CVE-2017-11534MedJul 23, 2017
    risk 0.42cvss 6.5epss 0.01

    When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the lite_font_map() function in coders/wmf.c.

  • CVE-2017-11532MedJul 23, 2017
    risk 0.42cvss 6.5epss 0.01

    When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c.

  • CVE-2017-11531MedJul 23, 2017
    risk 0.42cvss 6.5epss 0.02

    When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteHISTOGRAMImage() function in coders/histogram.c.

  • CVE-2017-11529MedJul 23, 2017
    risk 0.42cvss 6.5epss 0.01

    The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-11528MedJul 23, 2017
    risk 0.42cvss 6.5epss 0.02

    The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-11447MedJul 19, 2017
    risk 0.42cvss 6.5epss 0.02

    The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service.

  • CVE-2017-11166MedJul 10, 2017
    risk 0.42cvss 6.5epss 0.01

    The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file.

  • CVE-2017-11141MedJul 10, 2017
    risk 0.42cvss 6.5epss 0.02

    The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call.

  • CVE-2017-9815MedJun 22, 2017
    risk 0.42cvss 6.5epss 0.02

    In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function _TIFFmalloc in tif_unix.c) via a crafted file.

  • CVE-2017-9440MedJun 5, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-9439MedJun 5, 2017
    risk 0.42cvss 6.5epss 0.02

    In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-9409MedJun 2, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-9408MedJun 2, 2017
    risk 0.42cvss 6.5epss 0.02

    In Poppler 0.54.0, a memory leak vulnerability was found in the function Object::initArray in Object.cc, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-9407MedJun 2, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-9406MedJun 2, 2017
    risk 0.42cvss 6.5epss 0.01

    In Poppler 0.54.0, a memory leak vulnerability was found in the function gmalloc in gmem.cc, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-9405MedJun 2, 2017
    risk 0.42cvss 6.5epss 0.01

    In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file.