VYPR

rpm package

suse/ImageMagick&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1

pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Vulnerabilities (162)

  • CVE-2016-10068MedMar 2, 2017
    affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1

    The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file.

  • CVE-2016-10064HigMar 2, 2017
    affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1

    Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

  • CVE-2016-10063HigMar 2, 2017
    affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1

    Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to extend validity.

  • CVE-2016-10062MedMar 2, 2017
    affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1

    The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.

  • CVE-2016-10060MedMar 2, 2017
    affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1

    The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.

  • CVE-2016-9559MedMar 1, 2017
    affected < 6.8.8.1-54.1fixed 6.8.8.1-54.1

    coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.

  • CVE-2015-8903MedFeb 27, 2017
    affected < 6.8.8.1-30.2fixed 6.8.8.1-30.2

    The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.

  • CVE-2015-8902MedFeb 27, 2017
    affected < 6.8.8.1-30.2fixed 6.8.8.1-30.2

    The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.

  • CVE-2015-8901MedFeb 27, 2017
    affected < 6.8.8.1-30.2fixed 6.8.8.1-30.2

    ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.

  • CVE-2015-8900MedFeb 27, 2017
    affected < 6.8.8.1-30.2fixed 6.8.8.1-30.2

    The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.

  • CVE-2016-9773MedFeb 17, 2017
    affected < 6.8.8.1-54.1fixed 6.8.8.1-54.1

    Heap-based buffer overflow in the IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file. NOTE: this vulnerability exists because of an incomplete fix for

  • CVE-2016-8677HigFeb 15, 2017
    affected < 6.8.8.1-40.1fixed 6.8.8.1-40.1

    The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure.

  • CVE-2016-8866HigFeb 15, 2017
    affected < 6.8.8.1-54.1fixed 6.8.8.1-54.1

    The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for CVE-

  • CVE-2016-8862HigFeb 15, 2017
    affected < 6.8.8.1-47.1fixed 6.8.8.1-47.1

    The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.

  • CVE-2016-8684HigFeb 15, 2017
    affected < 6.8.8.1-40.1fixed 6.8.8.1-40.1

    The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."

  • CVE-2016-8683HigFeb 15, 2017
    affected < 6.8.8.1-40.1fixed 6.8.8.1-40.1

    The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."

  • CVE-2016-8682HigFeb 15, 2017
    affected < 6.8.8.1-40.1fixed 6.8.8.1-40.1

    The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header.

  • CVE-2016-7800HigFeb 6, 2017
    affected < 6.8.8.1-40.1fixed 6.8.8.1-40.1

    Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.

  • CVE-2016-7997HigJan 18, 2017
    affected < 6.8.8.1-40.1fixed 6.8.8.1-40.1

    The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.

  • CVE-2016-7996CriJan 18, 2017
    affected < 6.8.8.1-40.1fixed 6.8.8.1-40.1

    Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.

Page 7 of 9