VYPR

rpm package

suse/GraphicsMagick&distro=SUSE Linux Enterprise Software Development Kit 11 SP4

pkg:rpm/suse/GraphicsMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4

Vulnerabilities (250)

  • CVE-2017-11642HigJul 26, 2017
    affected < 1.2.5-4.78.38.1fixed 1.2.5-4.78.38.1

    GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638.

  • CVE-2017-11641CriJul 26, 2017
    affected < 1.2.5-78.52.1fixed 1.2.5-78.52.1

    GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files.

  • CVE-2017-11640MedJul 26, 2017
    affected < 1.2.5-4.78.19.1fixed 1.2.5-4.78.19.1

    When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/tiff.c.

  • CVE-2017-11638HigJul 26, 2017
    affected < 1.2.5-4.78.38.1fixed 1.2.5-4.78.38.1

    GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642.

  • CVE-2017-11637CriJul 26, 2017
    affected < 1.2.5-4.78.38.1fixed 1.2.5-4.78.38.1

    GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images.

  • CVE-2017-11636CriJul 26, 2017
    affected < 1.2.5-4.78.9.1fixed 1.2.5-4.78.9.1

    GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical widths.

  • CVE-2017-11539MedJul 23, 2017
    affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1

    When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage() function in coders/png.c.

  • CVE-2017-11534MedJul 23, 2017
    affected < 1.2.5-4.78.16.1fixed 1.2.5-4.78.16.1

    When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the lite_font_map() function in coders/wmf.c.

  • CVE-2017-11533MedJul 23, 2017
    affected < 1.2.5-4.78.41.1fixed 1.2.5-4.78.41.1

    When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage() function in coders/uil.c.

  • CVE-2017-11532MedJul 23, 2017
    affected < 1.2.5-4.78.28.2fixed 1.2.5-4.78.28.2

    When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c.

  • CVE-2017-11528MedJul 23, 2017
    affected < 1.2.5-4.78.41.1fixed 1.2.5-4.78.41.1

    The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-11526MedJul 23, 2017
    affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1

    The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file.

  • CVE-2017-11524MedJul 23, 2017
    affected < 1.2.5-78.44.1fixed 1.2.5-78.44.1

    The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file.

  • CVE-2017-11505MedJul 21, 2017
    affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1

    The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file.

  • CVE-2017-11450HigJul 19, 2017
    affected < 1.2.5-4.78.38.1fixed 1.2.5-4.78.38.1

    coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.

  • CVE-2017-11449HigJul 19, 2017
    affected < 1.2.5-4.78.28.2fixed 1.2.5-4.78.28.2

    coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.

  • CVE-2017-11448MedJul 19, 2017
    affected < 1.2.5-4.78.38.1fixed 1.2.5-4.78.38.1

    The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.

  • CVE-2017-11403HigJul 18, 2017
    affected < 1.2.5-4.78.9.1fixed 1.2.5-4.78.9.1

    The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file.

  • CVE-2017-11188HigJul 12, 2017
    affected < 1.2.5-4.78.28.2fixed 1.2.5-4.78.28.2

    The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check.

  • CVE-2017-11140MedJul 10, 2017
    affected < 1.2.5-4.78.38.1fixed 1.2.5-4.78.38.1

    The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files.

Page 7 of 13