rpm package
suse/ImageMagick&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4
pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4
Vulnerabilities (332)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-11534 | Med | 6.5 | < 6.4.3.6-7.78.8.1 | 6.4.3.6-7.78.8.1 | Jul 23, 2017 | When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the lite_font_map() function in coders/wmf.c. | |
| CVE-2017-11533 | Med | 6.5 | < 6.4.3.6-7.78.37.1 | 6.4.3.6-7.78.37.1 | Jul 23, 2017 | When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage() function in coders/uil.c. | |
| CVE-2017-11532 | Med | 6.5 | < 6.4.3.6-78.79.1 | 6.4.3.6-78.79.1 | Jul 23, 2017 | When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c. | |
| CVE-2017-11530 | Med | 6.5 | < 6.4.3.6-7.78.37.1 | 6.4.3.6-7.78.37.1 | Jul 23, 2017 | The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file. | |
| CVE-2017-11529 | Med | 6.5 | < 6.4.3.6-7.78.22.1 | 6.4.3.6-7.78.22.1 | Jul 23, 2017 | The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-11528 | Med | 6.5 | < 6.4.3.6-7.78.37.1 | 6.4.3.6-7.78.37.1 | Jul 23, 2017 | The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file. | |
| CVE-2017-11527 | Med | 6.5 | < 6.4.3.6-7.78.14.1 | 6.4.3.6-7.78.14.1 | Jul 23, 2017 | The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file. | |
| CVE-2017-11526 | Med | 6.5 | < 6.4.3.6-7.78.29.2 | 6.4.3.6-7.78.29.2 | Jul 23, 2017 | The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file. | |
| CVE-2017-11525 | Med | 6.5 | < 6.4.3.6-7.78.29.2 | 6.4.3.6-7.78.29.2 | Jul 23, 2017 | The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file. | |
| CVE-2017-11524 | Med | 6.5 | < 6.4.3.6-78.40.1 | 6.4.3.6-78.40.1 | Jul 23, 2017 | The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file. | |
| CVE-2017-11505 | Med | 6.5 | < 6.4.3.6-7.78.29.2 | 6.4.3.6-7.78.29.2 | Jul 21, 2017 | The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file. | |
| CVE-2017-11478 | Med | 6.5 | < 6.4.3.6-7.78.14.1 | 6.4.3.6-7.78.14.1 | Jul 20, 2017 | The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image. | |
| CVE-2017-11450 | Hig | 8.8 | < 6.4.3.6-7.78.34.1 | 6.4.3.6-7.78.34.1 | Jul 19, 2017 | coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short. | |
| CVE-2017-11449 | Hig | 8.8 | < 6.4.3.6-7.78.22.1 | 6.4.3.6-7.78.22.1 | Jul 19, 2017 | coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin. | |
| CVE-2017-11448 | Med | 6.5 | < 6.4.3.6-7.78.34.1 | 6.4.3.6-7.78.34.1 | Jul 19, 2017 | The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. | |
| CVE-2017-11403 | Hig | 8.8 | < 6.4.3.6-7.78.5.2 | 6.4.3.6-7.78.5.2 | Jul 18, 2017 | The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file. | |
| CVE-2017-11188 | Hig | 7.5 | < 6.4.3.6-7.78.14.1 | 6.4.3.6-7.78.14.1 | Jul 12, 2017 | The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check. | |
| CVE-2017-11166 | Med | 6.5 | < 6.4.3.6-7.78.34.1 | 6.4.3.6-7.78.34.1 | Jul 10, 2017 | The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file. | |
| CVE-2017-11141 | Med | 6.5 | < 6.4.3.6-7.78.22.1 | 6.4.3.6-7.78.22.1 | Jul 10, 2017 | The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call. | |
| CVE-2017-10995 | Med | 5.5 | < 6.4.3.6-7.78.29.2 | 6.4.3.6-7.78.29.2 | Jul 7, 2017 | The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image. |
- affected < 6.4.3.6-7.78.8.1fixed 6.4.3.6-7.78.8.1
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the lite_font_map() function in coders/wmf.c.
- affected < 6.4.3.6-7.78.37.1fixed 6.4.3.6-7.78.37.1
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage() function in coders/uil.c.
- affected < 6.4.3.6-78.79.1fixed 6.4.3.6-78.79.1
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c.
- affected < 6.4.3.6-7.78.37.1fixed 6.4.3.6-7.78.37.1
The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
- affected < 6.4.3.6-7.78.22.1fixed 6.4.3.6-7.78.22.1
The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
- affected < 6.4.3.6-7.78.37.1fixed 6.4.3.6-7.78.37.1
The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
- affected < 6.4.3.6-7.78.14.1fixed 6.4.3.6-7.78.14.1
The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
- affected < 6.4.3.6-7.78.29.2fixed 6.4.3.6-7.78.29.2
The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file.
- affected < 6.4.3.6-7.78.29.2fixed 6.4.3.6-7.78.29.2
The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
- affected < 6.4.3.6-78.40.1fixed 6.4.3.6-78.40.1
The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file.
- affected < 6.4.3.6-7.78.29.2fixed 6.4.3.6-7.78.29.2
The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file.
- affected < 6.4.3.6-7.78.14.1fixed 6.4.3.6-7.78.14.1
The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.
- affected < 6.4.3.6-7.78.34.1fixed 6.4.3.6-7.78.34.1
coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.
- affected < 6.4.3.6-7.78.22.1fixed 6.4.3.6-7.78.22.1
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
- affected < 6.4.3.6-7.78.34.1fixed 6.4.3.6-7.78.34.1
The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.
- affected < 6.4.3.6-7.78.5.2fixed 6.4.3.6-7.78.5.2
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file.
- affected < 6.4.3.6-7.78.14.1fixed 6.4.3.6-7.78.14.1
The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check.
- affected < 6.4.3.6-7.78.34.1fixed 6.4.3.6-7.78.34.1
The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file.
- affected < 6.4.3.6-7.78.22.1fixed 6.4.3.6-7.78.22.1
The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call.
- affected < 6.4.3.6-7.78.29.2fixed 6.4.3.6-7.78.29.2
The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image.
Page 9 of 17