rpm package
suse/ImageMagick&distro=SUSE Linux Enterprise Server 11 SP4
pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4
Vulnerabilities (332)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-18029 | Med | 6.5 | < 6.4.3.6-7.78.29.2 | 6.4.3.6-7.78.29.2 | Jan 12, 2018 | In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file. | |
| CVE-2017-18028 | Med | 6.5 | < 6.4.3.6-7.78.34.1 | 6.4.3.6-7.78.34.1 | Jan 12, 2018 | In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file. | |
| CVE-2017-18027 | Med | 6.5 | < 6.4.3.6-7.78.29.2 | 6.4.3.6-7.78.29.2 | Jan 12, 2018 | In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file. | |
| CVE-2018-5247 | Med | 6.5 | < 6.4.3.6-7.78.22.1 | 6.4.3.6-7.78.22.1 | Jan 5, 2018 | In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c. | |
| CVE-2018-5246 | Med | 6.5 | < 6.4.3.6-7.78.22.1 | 6.4.3.6-7.78.22.1 | Jan 5, 2018 | In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c. | |
| CVE-2017-18022 | Med | 6.5 | < 6.4.3.6-7.78.22.1 | 6.4.3.6-7.78.22.1 | Jan 5, 2018 | In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c. | |
| CVE-2017-1000476 | Med | 6.5 | < 6.4.3.6-7.78.22.1 | 6.4.3.6-7.78.22.1 | Jan 3, 2018 | ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service. | |
| CVE-2017-1000445 | Med | 6.5 | < 6.4.3.6-7.78.22.1 | 6.4.3.6-7.78.22.1 | Jan 2, 2018 | ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service | |
| CVE-2017-17934 | Med | 6.5 | < 6.4.3.6-78.74.1 | 6.4.3.6-78.74.1 | Dec 27, 2017 | ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls. | |
| CVE-2017-17914 | Med | 6.5 | < 6.4.3.6-7.78.29.2 | 6.4.3.6-7.78.29.2 | Dec 27, 2017 | In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file. | |
| CVE-2017-17885 | Med | 6.5 | < 6.4.3.6-7.78.34.1 | 6.4.3.6-7.78.34.1 | Dec 27, 2017 | In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file. | |
| CVE-2017-17884 | Med | 6.5 | < 6.4.3.6-7.78.29.2 | 6.4.3.6-7.78.29.2 | Dec 27, 2017 | In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file. | |
| CVE-2017-17882 | Med | 6.5 | < 6.4.3.6-7.78.22.1 | 6.4.3.6-7.78.22.1 | Dec 27, 2017 | In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted XPM image file. | |
| CVE-2017-17881 | Med | 6.5 | < 6.4.3.6-7.78.22.1 | 6.4.3.6-7.78.22.1 | Dec 27, 2017 | In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted MAT image file. | |
| CVE-2017-17879 | Hig | 8.8 | < 6.4.3.6-7.78.29.2 | 6.4.3.6-7.78.29.2 | Dec 27, 2017 | In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error. | |
| CVE-2017-17682 | Med | 6.5 | < 6.4.3.6-7.78.37.1 | 6.4.3.6-7.78.37.1 | Dec 14, 2017 | In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call. | |
| CVE-2017-17680 | Med | 6.5 | < 6.4.3.6-7.78.22.1 | 6.4.3.6-7.78.22.1 | Dec 14, 2017 | In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file. | |
| CVE-2017-17504 | Med | 6.5 | < 6.4.3.6-7.78.29.2 | 6.4.3.6-7.78.29.2 | Dec 11, 2017 | ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage. | |
| CVE-2017-16546 | Hig | 8.8 | < 6.4.3.6-7.78.14.1 | 6.4.3.6-7.78.14.1 | Nov 5, 2017 | The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other | |
| CVE-2017-16545 | Hig | 8.8 | < 6.4.3.6-7.78.14.1 | 6.4.3.6-7.78.14.1 | Nov 5, 2017 | The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via |
- affected < 6.4.3.6-7.78.29.2fixed 6.4.3.6-7.78.29.2
In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
- affected < 6.4.3.6-7.78.34.1fixed 6.4.3.6-7.78.34.1
In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.
- affected < 6.4.3.6-7.78.29.2fixed 6.4.3.6-7.78.29.2
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.
- affected < 6.4.3.6-7.78.22.1fixed 6.4.3.6-7.78.22.1
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.
- affected < 6.4.3.6-7.78.22.1fixed 6.4.3.6-7.78.22.1
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.
- affected < 6.4.3.6-7.78.22.1fixed 6.4.3.6-7.78.22.1
In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.
- affected < 6.4.3.6-7.78.22.1fixed 6.4.3.6-7.78.22.1
ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.
- affected < 6.4.3.6-7.78.22.1fixed 6.4.3.6-7.78.22.1
ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service
- affected < 6.4.3.6-78.74.1fixed 6.4.3.6-78.74.1
ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls.
- affected < 6.4.3.6-7.78.29.2fixed 6.4.3.6-7.78.29.2
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file.
- affected < 6.4.3.6-7.78.34.1fixed 6.4.3.6-7.78.34.1
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file.
- affected < 6.4.3.6-7.78.29.2fixed 6.4.3.6-7.78.29.2
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file.
- affected < 6.4.3.6-7.78.22.1fixed 6.4.3.6-7.78.22.1
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted XPM image file.
- affected < 6.4.3.6-7.78.22.1fixed 6.4.3.6-7.78.22.1
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted MAT image file.
- affected < 6.4.3.6-7.78.29.2fixed 6.4.3.6-7.78.29.2
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.
- affected < 6.4.3.6-7.78.37.1fixed 6.4.3.6-7.78.37.1
In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call.
- affected < 6.4.3.6-7.78.22.1fixed 6.4.3.6-7.78.22.1
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file.
- affected < 6.4.3.6-7.78.29.2fixed 6.4.3.6-7.78.29.2
ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.
- affected < 6.4.3.6-7.78.14.1fixed 6.4.3.6-7.78.14.1
The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other
- affected < 6.4.3.6-7.78.14.1fixed 6.4.3.6-7.78.14.1
The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have unspecified other impact via
Page 3 of 17