rpm package
suse/GraphicsMagick&distro=SUSE Linux Enterprise Software Development Kit 11 SP4
pkg:rpm/suse/GraphicsMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4
Vulnerabilities (250)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-11642 | Hig | 8.8 | < 1.2.5-4.78.38.1 | 1.2.5-4.78.38.1 | Jul 26, 2017 | GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638. | |
| CVE-2017-11641 | Cri | 9.8 | < 1.2.5-78.52.1 | 1.2.5-78.52.1 | Jul 26, 2017 | GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files. | |
| CVE-2017-11640 | Med | 6.5 | < 1.2.5-4.78.19.1 | 1.2.5-4.78.19.1 | Jul 26, 2017 | When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/tiff.c. | |
| CVE-2017-11638 | Hig | 8.8 | < 1.2.5-4.78.38.1 | 1.2.5-4.78.38.1 | Jul 26, 2017 | GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642. | |
| CVE-2017-11637 | Cri | 9.8 | < 1.2.5-4.78.38.1 | 1.2.5-4.78.38.1 | Jul 26, 2017 | GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images. | |
| CVE-2017-11636 | Cri | 9.8 | < 1.2.5-4.78.9.1 | 1.2.5-4.78.9.1 | Jul 26, 2017 | GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical widths. | |
| CVE-2017-11539 | Med | 6.5 | < 1.2.5-4.78.33.1 | 1.2.5-4.78.33.1 | Jul 23, 2017 | When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage() function in coders/png.c. | |
| CVE-2017-11534 | Med | 6.5 | < 1.2.5-4.78.16.1 | 1.2.5-4.78.16.1 | Jul 23, 2017 | When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the lite_font_map() function in coders/wmf.c. | |
| CVE-2017-11533 | Med | 6.5 | < 1.2.5-4.78.41.1 | 1.2.5-4.78.41.1 | Jul 23, 2017 | When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage() function in coders/uil.c. | |
| CVE-2017-11532 | Med | 6.5 | < 1.2.5-4.78.28.2 | 1.2.5-4.78.28.2 | Jul 23, 2017 | When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c. | |
| CVE-2017-11528 | Med | 6.5 | < 1.2.5-4.78.41.1 | 1.2.5-4.78.41.1 | Jul 23, 2017 | The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-11526 | Med | 6.5 | < 1.2.5-4.78.33.1 | 1.2.5-4.78.33.1 | Jul 23, 2017 | The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file. | |
| CVE-2017-11524 | Med | 6.5 | < 1.2.5-78.44.1 | 1.2.5-78.44.1 | Jul 23, 2017 | The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file. | |
| CVE-2017-11505 | Med | 6.5 | < 1.2.5-4.78.33.1 | 1.2.5-4.78.33.1 | Jul 21, 2017 | The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file. | |
| CVE-2017-11450 | Hig | 8.8 | < 1.2.5-4.78.38.1 | 1.2.5-4.78.38.1 | Jul 19, 2017 | coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short. | |
| CVE-2017-11449 | Hig | 8.8 | < 1.2.5-4.78.28.2 | 1.2.5-4.78.28.2 | Jul 19, 2017 | coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin. | |
| CVE-2017-11448 | Med | 6.5 | < 1.2.5-4.78.38.1 | 1.2.5-4.78.38.1 | Jul 19, 2017 | The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. | |
| CVE-2017-11403 | Hig | 8.8 | < 1.2.5-4.78.9.1 | 1.2.5-4.78.9.1 | Jul 18, 2017 | The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file. | |
| CVE-2017-11188 | Hig | 7.5 | < 1.2.5-4.78.28.2 | 1.2.5-4.78.28.2 | Jul 12, 2017 | The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check. | |
| CVE-2017-11140 | Med | 5.5 | < 1.2.5-4.78.38.1 | 1.2.5-4.78.38.1 | Jul 10, 2017 | The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files. |
- affected < 1.2.5-4.78.38.1fixed 1.2.5-4.78.38.1
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638.
- affected < 1.2.5-78.52.1fixed 1.2.5-78.52.1
GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files.
- affected < 1.2.5-4.78.19.1fixed 1.2.5-4.78.19.1
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/tiff.c.
- affected < 1.2.5-4.78.38.1fixed 1.2.5-4.78.38.1
GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642.
- affected < 1.2.5-4.78.38.1fixed 1.2.5-4.78.38.1
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images.
- affected < 1.2.5-4.78.9.1fixed 1.2.5-4.78.9.1
GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical widths.
- affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage() function in coders/png.c.
- affected < 1.2.5-4.78.16.1fixed 1.2.5-4.78.16.1
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the lite_font_map() function in coders/wmf.c.
- affected < 1.2.5-4.78.41.1fixed 1.2.5-4.78.41.1
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage() function in coders/uil.c.
- affected < 1.2.5-4.78.28.2fixed 1.2.5-4.78.28.2
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c.
- affected < 1.2.5-4.78.41.1fixed 1.2.5-4.78.41.1
The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
- affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1
The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file.
- affected < 1.2.5-78.44.1fixed 1.2.5-78.44.1
The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file.
- affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1
The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file.
- affected < 1.2.5-4.78.38.1fixed 1.2.5-4.78.38.1
coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.
- affected < 1.2.5-4.78.28.2fixed 1.2.5-4.78.28.2
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
- affected < 1.2.5-4.78.38.1fixed 1.2.5-4.78.38.1
The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.
- affected < 1.2.5-4.78.9.1fixed 1.2.5-4.78.9.1
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file.
- affected < 1.2.5-4.78.28.2fixed 1.2.5-4.78.28.2
The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check.
- affected < 1.2.5-4.78.38.1fixed 1.2.5-4.78.38.1
The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files.
Page 7 of 13