rpm package
suse/GraphicsMagick&distro=SUSE Linux Enterprise Software Development Kit 11 SP4
pkg:rpm/suse/GraphicsMagick&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4
Vulnerabilities (250)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-11102 | Hig | 7.5 | < 1.2.5-4.78.33.1 | 1.2.5-4.78.33.1 | Jul 7, 2017 | The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (application crash) during JNG reading via a zero-length color_image data structure. | |
| CVE-2017-10995 | Med | 5.5 | < 1.2.5-4.78.33.1 | 1.2.5-4.78.33.1 | Jul 7, 2017 | The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image. | |
| CVE-2017-10800 | Med | 5.5 | < 1.2.5-4.78.28.2 | 1.2.5-4.78.28.2 | Jul 3, 2017 | When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data. | |
| CVE-2017-10799 | Med | 5.5 | < 1.2.5-4.78.28.2 | 1.2.5-4.78.28.2 | Jul 3, 2017 | When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage(). | |
| CVE-2017-10794 | Med | 5.5 | < 1.2.5-78.78.1 | 1.2.5-78.78.1 | Jul 2, 2017 | When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode. | |
| CVE-2017-9501 | Med | 6.5 | < 1.2.5-4.78.9.1 | 1.2.5-4.78.9.1 | Jun 7, 2017 | In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file. | |
| CVE-2017-9439 | Med | 6.5 | < 1.2.5-4.78.9.1 | 1.2.5-4.78.9.1 | Jun 5, 2017 | In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file. | |
| CVE-2017-9407 | Med | 6.5 | < 1.2.5-4.78.38.1 | 1.2.5-4.78.38.1 | Jun 2, 2017 | In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-9405 | Med | 6.5 | < 1.2.5-4.78.41.1 | 1.2.5-4.78.41.1 | Jun 2, 2017 | In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-9262 | Med | 6.5 | < 1.2.5-4.78.33.1 | 1.2.5-4.78.33.1 | May 29, 2017 | In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-9261 | Med | 6.5 | < 1.2.5-4.78.33.1 | 1.2.5-4.78.33.1 | May 29, 2017 | In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-9144 | Med | 6.5 | < 1.2.5-4.77.1 | 1.2.5-4.77.1 | May 22, 2017 | In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. | |
| CVE-2017-9142 | Med | 6.5 | < 1.2.5-4.77.1 | 1.2.5-4.77.1 | May 22, 2017 | In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c. | |
| CVE-2017-9098 | Hig | 7.5 | < 1.2.5-4.77.1 | 1.2.5-4.77.1 | May 19, 2017 | ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that | |
| CVE-2017-8830 | Med | 6.5 | < 1.2.5-4.77.1 | 1.2.5-4.77.1 | May 8, 2017 | In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-8765 | Med | 6.5 | < 1.2.5-4.77.1 | 1.2.5-4.77.1 | May 4, 2017 | The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file. | |
| CVE-2017-8355 | Med | 6.5 | < 1.2.5-4.77.1 | 1.2.5-4.77.1 | Apr 30, 2017 | In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-8353 | Med | 6.5 | < 1.2.5-4.77.1 | 1.2.5-4.77.1 | Apr 30, 2017 | In ImageMagick 7.0.5-5, the ReadPICTImage function in pict.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-8352 | Med | 6.5 | < 1.2.5-4.77.1 | 1.2.5-4.77.1 | Apr 30, 2017 | In ImageMagick 7.0.5-5, the ReadXWDImage function in xwd.c allows attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-8351 | Med | 6.5 | < 1.2.5-4.77.1 | 1.2.5-4.77.1 | Apr 30, 2017 | In ImageMagick 7.0.5-5, the ReadPCDImage function in pcd.c allows attackers to cause a denial of service (memory leak) via a crafted file. |
- affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1
The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (application crash) during JNG reading via a zero-length color_image data structure.
- affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1
The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image.
- affected < 1.2.5-4.78.28.2fixed 1.2.5-4.78.28.2
When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data.
- affected < 1.2.5-4.78.28.2fixed 1.2.5-4.78.28.2
When GraphicsMagick 1.3.25 processes a DPX image (with metadata indicating a large width) in coders/dpx.c, a denial of service (OOM) can occur in ReadDPXImage().
- affected < 1.2.5-78.78.1fixed 1.2.5-78.78.1
When GraphicsMagick 1.3.25 processes an RGB TIFF picture (with metadata indicating a single sample per pixel) in coders/tiff.c, a buffer overflow occurs, related to QuantumTransferMode.
- affected < 1.2.5-4.78.9.1fixed 1.2.5-4.78.9.1
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file.
- affected < 1.2.5-4.78.9.1fixed 1.2.5-4.78.9.1
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file.
- affected < 1.2.5-4.78.38.1fixed 1.2.5-4.78.38.1
In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
- affected < 1.2.5-4.78.41.1fixed 1.2.5-4.78.41.1
In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file.
- affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1
In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
- affected < 1.2.5-4.78.33.1fixed 1.2.5-4.78.33.1
In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
- affected < 1.2.5-4.77.1fixed 1.2.5-4.77.1
In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c.
- affected < 1.2.5-4.77.1fixed 1.2.5-4.77.1
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c.
- affected < 1.2.5-4.77.1fixed 1.2.5-4.77.1
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that
- affected < 1.2.5-4.77.1fixed 1.2.5-4.77.1
In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file.
- affected < 1.2.5-4.77.1fixed 1.2.5-4.77.1
The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file.
- affected < 1.2.5-4.77.1fixed 1.2.5-4.77.1
In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows attackers to cause a denial of service (memory leak) via a crafted file.
- affected < 1.2.5-4.77.1fixed 1.2.5-4.77.1
In ImageMagick 7.0.5-5, the ReadPICTImage function in pict.c allows attackers to cause a denial of service (memory leak) via a crafted file.
- affected < 1.2.5-4.77.1fixed 1.2.5-4.77.1
In ImageMagick 7.0.5-5, the ReadXWDImage function in xwd.c allows attackers to cause a denial of service (memory leak) via a crafted file.
- affected < 1.2.5-4.77.1fixed 1.2.5-4.77.1
In ImageMagick 7.0.5-5, the ReadPCDImage function in pcd.c allows attackers to cause a denial of service (memory leak) via a crafted file.
Page 8 of 13