VYPR

rpm package

suse/GraphicsMagick&distro=SUSE Linux Enterprise Software Development Kit 11 SP4

pkg:rpm/suse/GraphicsMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4

Vulnerabilities (250)

  • CVE-2017-11102HigJul 7, 2017
    affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1

    The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (application crash) during JNG reading via a zero-length color_image data structure.

  • CVE-2017-10995MedJul 7, 2017
    affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1

    The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image.

  • CVE-2017-10800MedJul 3, 2017
    affected < 1.2.5-4.78.28.2fixed 1.2.5-4.78.28.2

    When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data.

  • CVE-2017-10799MedJul 3, 2017
    affected < 1.2.5-4.78.28.2fixed 1.2.5-4.78.28.2

    When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage().

  • CVE-2017-10794MedJul 2, 2017
    affected < 1.2.5-78.78.1fixed 1.2.5-78.78.1

    When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode.

  • CVE-2017-9501MedJun 7, 2017
    affected < 1.2.5-4.78.9.1fixed 1.2.5-4.78.9.1

    In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-9439MedJun 5, 2017
    affected < 1.2.5-4.78.9.1fixed 1.2.5-4.78.9.1

    In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-9407MedJun 2, 2017
    affected < 1.2.5-4.78.38.1fixed 1.2.5-4.78.38.1

    In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-9405MedJun 2, 2017
    affected < 1.2.5-4.78.41.1fixed 1.2.5-4.78.41.1

    In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-9262MedMay 29, 2017
    affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1

    In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-9261MedMay 29, 2017
    affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1

    In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-9144MedMay 22, 2017
    affected < 1.2.5-4.77.1fixed 1.2.5-4.77.1

    In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c.

  • CVE-2017-9142MedMay 22, 2017
    affected < 1.2.5-4.77.1fixed 1.2.5-4.77.1

    In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c.

  • CVE-2017-9098HigMay 19, 2017
    affected < 1.2.5-4.77.1fixed 1.2.5-4.77.1

    ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that

  • CVE-2017-8830MedMay 8, 2017
    affected < 1.2.5-4.77.1fixed 1.2.5-4.77.1

    In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-8765MedMay 4, 2017
    affected < 1.2.5-4.77.1fixed 1.2.5-4.77.1

    The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file.

  • CVE-2017-8355MedApr 30, 2017
    affected < 1.2.5-4.77.1fixed 1.2.5-4.77.1

    In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-8353MedApr 30, 2017
    affected < 1.2.5-4.77.1fixed 1.2.5-4.77.1

    In ImageMagick 7.0.5-5, the ReadPICTImage function in pict.c allows attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-8352MedApr 30, 2017
    affected < 1.2.5-4.77.1fixed 1.2.5-4.77.1

    In ImageMagick 7.0.5-5, the ReadXWDImage function in xwd.c allows attackers to cause a denial of service (memory leak) via a crafted file.

  • CVE-2017-8351MedApr 30, 2017
    affected < 1.2.5-4.77.1fixed 1.2.5-4.77.1

    In ImageMagick 7.0.5-5, the ReadPCDImage function in pcd.c allows attackers to cause a denial of service (memory leak) via a crafted file.

Page 8 of 13