rpm package
suse/ImageMagick&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4
pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4
Vulnerabilities (332)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-10146 | Hig | 7.5 | < 6.4.3.6-7.65.1 | 6.4.3.6-7.65.1 | Mar 24, 2017 | Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors. | |
| CVE-2016-10145 | Cri | 9.8 | < 6.4.3.6-7.65.1 | 6.4.3.6-7.65.1 | Mar 24, 2017 | Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy. | |
| CVE-2016-10144 | Cri | 9.8 | < 6.4.3.6-7.65.1 | 6.4.3.6-7.65.1 | Mar 24, 2017 | coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check. | |
| CVE-2016-9556 | Med | 5.5 | < 6.4.3.6-7.60.1 | 6.4.3.6-7.60.1 | Mar 23, 2017 | The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. | |
| CVE-2016-10059 | Hig | 7.8 | < 6.4.3.6-7.65.1 | 6.4.3.6-7.65.1 | Mar 23, 2017 | Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file. | |
| CVE-2016-10052 | Hig | 7.8 | < 6.4.3.6-7.65.1 | 6.4.3.6-7.65.1 | Mar 23, 2017 | Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. | |
| CVE-2016-10051 | Hig | 7.8 | < 6.4.3.6-7.65.1 | 6.4.3.6-7.65.1 | Mar 23, 2017 | Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. | |
| CVE-2016-10050 | Hig | 7.8 | < 6.4.3.6-7.65.1 | 6.4.3.6-7.65.1 | Mar 23, 2017 | Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file. | |
| CVE-2016-10049 | Hig | 7.8 | < 6.4.3.6-7.65.1 | 6.4.3.6-7.65.1 | Mar 23, 2017 | Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file. | |
| CVE-2016-10048 | Hig | 7.5 | < 6.4.3.6-7.65.1 | 6.4.3.6-7.65.1 | Mar 23, 2017 | Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors. | |
| CVE-2016-10046 | Med | 5.5 | < 6.4.3.6-7.65.1 | 6.4.3.6-7.65.1 | Mar 23, 2017 | Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file. | |
| CVE-2014-9840 | Med | 5.5 | < 6.4.3.6-7.45.1 | 6.4.3.6-7.45.1 | Mar 22, 2017 | ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file. | |
| CVE-2014-9839 | Hig | 7.5 | < 6.4.3.6-7.45.1 | 6.4.3.6-7.45.1 | Mar 22, 2017 | magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access). | |
| CVE-2014-9838 | Med | 5.5 | < 6.4.3.6-7.45.1 | 6.4.3.6-7.45.1 | Mar 22, 2017 | magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash). | |
| CVE-2014-9836 | Med | 5.5 | < 6.4.3.6-7.45.1 | 6.4.3.6-7.45.1 | Mar 22, 2017 | ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file. | |
| CVE-2014-9835 | Hig | 7.8 | < 6.4.3.6-7.45.1 | 6.4.3.6-7.45.1 | Mar 22, 2017 | Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file. | |
| CVE-2014-9834 | Hig | 7.8 | < 6.4.3.6-7.45.1 | 6.4.3.6-7.45.1 | Mar 22, 2017 | Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file. | |
| CVE-2014-9851 | Hig | 7.5 | < 6.4.3.6-7.45.1 | 6.4.3.6-7.45.1 | Mar 20, 2017 | ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash). | |
| CVE-2014-9849 | Hig | 7.5 | < 6.4.3.6-7.45.1 | 6.4.3.6-7.45.1 | Mar 20, 2017 | The png coder in ImageMagick allows remote attackers to cause a denial of service (crash). | |
| CVE-2014-9847 | Cri | 9.8 | < 6.4.3.6-7.45.1 | 6.4.3.6-7.45.1 | Mar 20, 2017 | The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact. |
- affected < 6.4.3.6-7.65.1fixed 6.4.3.6-7.65.1
Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
- affected < 6.4.3.6-7.65.1fixed 6.4.3.6-7.65.1
Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.
- affected < 6.4.3.6-7.65.1fixed 6.4.3.6-7.65.1
coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.
- affected < 6.4.3.6-7.60.1fixed 6.4.3.6-7.60.1
The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.
- affected < 6.4.3.6-7.65.1fixed 6.4.3.6-7.65.1
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file.
- affected < 6.4.3.6-7.65.1fixed 6.4.3.6-7.65.1
Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
- affected < 6.4.3.6-7.65.1fixed 6.4.3.6-7.65.1
Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
- affected < 6.4.3.6-7.65.1fixed 6.4.3.6-7.65.1
Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
- affected < 6.4.3.6-7.65.1fixed 6.4.3.6-7.65.1
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
- affected < 6.4.3.6-7.65.1fixed 6.4.3.6-7.65.1
Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors.
- affected < 6.4.3.6-7.65.1fixed 6.4.3.6-7.65.1
Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
- affected < 6.4.3.6-7.45.1fixed 6.4.3.6-7.45.1
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file.
- affected < 6.4.3.6-7.45.1fixed 6.4.3.6-7.45.1
magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access).
- affected < 6.4.3.6-7.45.1fixed 6.4.3.6-7.45.1
magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash).
- affected < 6.4.3.6-7.45.1fixed 6.4.3.6-7.45.1
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file.
- affected < 6.4.3.6-7.45.1fixed 6.4.3.6-7.45.1
Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file.
- affected < 6.4.3.6-7.45.1fixed 6.4.3.6-7.45.1
Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file.
- affected < 6.4.3.6-7.45.1fixed 6.4.3.6-7.45.1
ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).
- affected < 6.4.3.6-7.45.1fixed 6.4.3.6-7.45.1
The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).
- affected < 6.4.3.6-7.45.1fixed 6.4.3.6-7.45.1
The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.
Page 14 of 17