rpm package
suse/ImageMagick&distro=SUSE Linux Enterprise Server 11 SP4
pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4
Vulnerabilities (332)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-14437 | Med | 6.5 | < 6.4.3.6-78.56.1 | 6.4.3.6-78.56.1 | Jul 20, 2018 | ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c. | |
| CVE-2018-14436 | Med | 6.5 | < 6.4.3.6-78.56.1 | 6.4.3.6-78.56.1 | Jul 20, 2018 | ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c. | |
| CVE-2018-14435 | Med | 6.5 | < 6.4.3.6-78.56.1 | 6.4.3.6-78.56.1 | Jul 20, 2018 | ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c. | |
| CVE-2018-14434 | Med | 6.5 | < 6.4.3.6-78.56.1 | 6.4.3.6-78.56.1 | Jul 20, 2018 | ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c. | |
| CVE-2018-12600 | Hig | 8.8 | < 6.4.3.6-78.56.1 | 6.4.3.6-78.56.1 | Jun 20, 2018 | In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file. | |
| CVE-2018-12599 | Hig | 8.8 | < 6.4.3.6-78.56.1 | 6.4.3.6-78.56.1 | Jun 20, 2018 | In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file. | |
| CVE-2018-11251 | Med | 6.5 | < 6.4.3.6-78.56.1 | 6.4.3.6-78.56.1 | May 18, 2018 | In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a crafted SUN image file. | |
| CVE-2017-18271 | Med | 6.5 | < 6.4.3.6-78.56.1 | 6.4.3.6-78.56.1 | May 18, 2018 | In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file. | |
| CVE-2018-10805 | Med | 6.5 | < 6.4.3.6-78.56.1 | 6.4.3.6-78.56.1 | May 8, 2018 | ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c. | |
| CVE-2018-10177 | Med | 6.5 | < 6.4.3.6-78.45.1 | 6.4.3.6-78.45.1 | Apr 16, 2018 | In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file. | |
| CVE-2017-18254 | Med | 6.5 | < 6.4.3.6-78.45.1 | 6.4.3.6-78.45.1 | Mar 27, 2018 | An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file. | |
| CVE-2017-18252 | Med | 6.5 | < 6.4.3.6-78.45.1 | 6.4.3.6-78.45.1 | Mar 27, 2018 | An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file. | |
| CVE-2017-18251 | Med | 6.5 | < 6.4.3.6-78.45.1 | 6.4.3.6-78.45.1 | Mar 27, 2018 | An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file. | |
| CVE-2018-9018 | Med | 6.5 | < 6.4.3.6-78.45.1 | 6.4.3.6-78.45.1 | Mar 25, 2018 | In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file. | |
| CVE-2018-8960 | Hig | 8.8 | < 6.4.3.6-78.45.1 | 6.4.3.6-78.45.1 | Mar 23, 2018 | The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read. | |
| CVE-2018-8804 | Hig | 8.8 | < 6.4.3.6-78.40.1 | 6.4.3.6-78.40.1 | Mar 20, 2018 | WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file. | |
| CVE-2017-18219 | Med | 6.5 | < 6.4.3.6-78.40.1 | 6.4.3.6-78.40.1 | Mar 5, 2018 | An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a large png_pixels array allocation. | |
| CVE-2018-7443 | Med | 6.5 | < 6.4.3.6-78.40.1 | 6.4.3.6-78.40.1 | Feb 23, 2018 | The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c) | |
| CVE-2018-6405 | Med | 6.5 | < 6.4.3.6-7.78.34.1 | 6.4.3.6-7.78.34.1 | Jan 30, 2018 | In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service. | |
| CVE-2018-5685 | Med | 6.5 | < 6.4.3.6-7.78.29.2 | 6.4.3.6-7.78.29.2 | Jan 14, 2018 | In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value. |
- affected < 6.4.3.6-78.56.1fixed 6.4.3.6-78.56.1
ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c.
- affected < 6.4.3.6-78.56.1fixed 6.4.3.6-78.56.1
ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c.
- affected < 6.4.3.6-78.56.1fixed 6.4.3.6-78.56.1
ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c.
- affected < 6.4.3.6-78.56.1fixed 6.4.3.6-78.56.1
ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c.
- affected < 6.4.3.6-78.56.1fixed 6.4.3.6-78.56.1
In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.
- affected < 6.4.3.6-78.56.1fixed 6.4.3.6-78.56.1
In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.
- affected < 6.4.3.6-78.56.1fixed 6.4.3.6-78.56.1
In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a crafted SUN image file.
- affected < 6.4.3.6-78.56.1fixed 6.4.3.6-78.56.1
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file.
- affected < 6.4.3.6-78.56.1fixed 6.4.3.6-78.56.1
ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
- affected < 6.4.3.6-78.45.1fixed 6.4.3.6-78.45.1
In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file.
- affected < 6.4.3.6-78.45.1fixed 6.4.3.6-78.45.1
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file.
- affected < 6.4.3.6-78.45.1fixed 6.4.3.6-78.45.1
An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file.
- affected < 6.4.3.6-78.45.1fixed 6.4.3.6-78.45.1
An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file.
- affected < 6.4.3.6-78.45.1fixed 6.4.3.6-78.45.1
In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.
- affected < 6.4.3.6-78.45.1fixed 6.4.3.6-78.45.1
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read.
- affected < 6.4.3.6-78.40.1fixed 6.4.3.6-78.40.1
WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.
- affected < 6.4.3.6-78.40.1fixed 6.4.3.6-78.40.1
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a large png_pixels array allocation.
- affected < 6.4.3.6-78.40.1fixed 6.4.3.6-78.40.1
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c)
- affected < 6.4.3.6-7.78.34.1fixed 6.4.3.6-7.78.34.1
In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.
- affected < 6.4.3.6-7.78.29.2fixed 6.4.3.6-7.78.29.2
In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value.
Page 2 of 17