rpm package
suse/GraphicsMagick&distro=SUSE Linux Enterprise Software Development Kit 11 SP4
pkg:rpm/suse/GraphicsMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4
Vulnerabilities (250)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-13147 | Hig | 8.8 | < 1.2.5-4.78.33.1 | 1.2.5-4.78.33.1 | Aug 23, 2017 | In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value. | |
| CVE-2017-13142 | Med | 6.5 | < 1.2.5-4.78.33.1 | 1.2.5-4.78.33.1 | Aug 23, 2017 | In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files. | |
| CVE-2017-13141 | Med | 6.5 | < 1.2.5-4.78.33.1 | 1.2.5-4.78.33.1 | Aug 23, 2017 | In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c. | |
| CVE-2017-13139 | Cri | 9.8 | < 1.2.5-4.78.16.1 | 1.2.5-4.78.16.1 | Aug 23, 2017 | In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk. | |
| CVE-2017-13134 | Med | 6.5 | < 1.2.5-4.78.19.1 | 1.2.5-4.78.19.1 | Aug 23, 2017 | In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file. | |
| CVE-2017-13131 | Med | 6.5 | < 1.2.5-4.78.38.1 | 1.2.5-4.78.38.1 | Aug 23, 2017 | In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (memory consumption in NewLinkedList in MagickCore/linked-list.c) via a crafted file. | |
| CVE-2017-13066 | Med | 6.5 | < 1.2.5-78.52.1 | 1.2.5-78.52.1 | Aug 22, 2017 | GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c. | |
| CVE-2017-13065 | Med | 6.5 | < 1.2.5-4.78.33.1 | 1.2.5-4.78.33.1 | Aug 22, 2017 | GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c. | |
| CVE-2017-13064 | Med | 6.5 | < 1.2.5-4.78.16.1 | 1.2.5-4.78.16.1 | Aug 22, 2017 | GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12. | |
| CVE-2017-13063 | Med | 6.5 | < 1.2.5-4.78.16.1 | 1.2.5-4.78.16.1 | Aug 22, 2017 | GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12. | |
| CVE-2017-13061 | Med | 6.5 | < 1.2.5-4.78.28.2 | 1.2.5-4.78.28.2 | Aug 22, 2017 | In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file. | |
| CVE-2017-13058 | Med | 6.5 | < 1.2.5-4.78.38.1 | 1.2.5-4.78.38.1 | Aug 22, 2017 | In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file. | |
| CVE-2017-12983 | Hig | 8.8 | < 1.2.5-4.78.19.1 | 1.2.5-4.78.19.1 | Aug 21, 2017 | Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | |
| CVE-2017-12937 | Hig | 8.8 | < 1.2.5-4.78.16.1 | 1.2.5-4.78.16.1 | Aug 18, 2017 | The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read. | |
| CVE-2017-12936 | Hig | 8.8 | < 1.2.5-4.78.16.1 | 1.2.5-4.78.16.1 | Aug 18, 2017 | The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting. | |
| CVE-2017-12935 | Hig | 8.8 | < 1.2.5-4.78.33.1 | 1.2.5-4.78.33.1 | Aug 18, 2017 | The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c. | |
| CVE-2017-12676 | Med | 6.5 | < 1.2.5-4.78.33.1 | 1.2.5-4.78.33.1 | Aug 7, 2017 | In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service. | |
| CVE-2017-12673 | Med | 6.5 | < 1.2.5-4.78.33.1 | 1.2.5-4.78.33.1 | Aug 7, 2017 | In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service. | |
| CVE-2017-12668 | Hig | 8.8 | < 1.2.5-4.78.38.1 | 1.2.5-4.78.38.1 | Aug 7, 2017 | ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in coders/pcx.c. | |
| CVE-2017-12663 | Hig | 8.8 | < 1.2.5-4.78.41.1 | 1.2.5-4.78.41.1 | Aug 7, 2017 | ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage in coders/map.c. |
- affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1
In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value.
- affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.
- affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1
In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c.
- affected < 1.2.5-4.78.16.1fixed 1.2.5-4.78.16.1
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
- affected < 1.2.5-4.78.19.1fixed 1.2.5-4.78.19.1
In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file.
- affected < 1.2.5-4.78.38.1fixed 1.2.5-4.78.38.1
In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (memory consumption in NewLinkedList in MagickCore/linked-list.c) via a crafted file.
- affected < 1.2.5-78.52.1fixed 1.2.5-78.52.1
GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c.
- affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1
GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c.
- affected < 1.2.5-4.78.16.1fixed 1.2.5-4.78.16.1
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12.
- affected < 1.2.5-4.78.16.1fixed 1.2.5-4.78.16.1
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12.
- affected < 1.2.5-4.78.28.2fixed 1.2.5-4.78.28.2
In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file.
- affected < 1.2.5-4.78.38.1fixed 1.2.5-4.78.38.1
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file.
- affected < 1.2.5-4.78.19.1fixed 1.2.5-4.78.19.1
Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
- affected < 1.2.5-4.78.16.1fixed 1.2.5-4.78.16.1
The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read.
- affected < 1.2.5-4.78.16.1fixed 1.2.5-4.78.16.1
The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting.
- affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c.
- affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service.
- affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service.
- affected < 1.2.5-4.78.38.1fixed 1.2.5-4.78.38.1
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.
- affected < 1.2.5-4.78.41.1fixed 1.2.5-4.78.41.1
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage in coders/map.c.
Page 5 of 13