rpm package

suse/ImageMagick&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2

pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Vulnerabilities (275)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-11170	Hig	8.8	< 6.8.8.1-71.42.1	6.8.8.1-71.42.1	Jul 11, 2017	The ReadTGAImage function in coders\tga.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via invalid colors data in the header of a TGA or VST file.
CVE-2017-11166	Med	6.5	< 6.8.8.1-71.42.1	6.8.8.1-71.42.1	Jul 10, 2017	The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file.
CVE-2017-11141	Med	6.5	< 6.8.8.1-71.26.1	6.8.8.1-71.26.1	Jul 10, 2017	The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call.
CVE-2017-10995	Med	5.5	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	Jul 7, 2017	The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image.
CVE-2017-10800	Med	5.5	< 6.8.8.1-71.26.1	6.8.8.1-71.26.1	Jul 3, 2017	When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data.
CVE-2017-9501	Med	6.5	< 6.8.8.1-71.5.3	6.8.8.1-71.5.3	Jun 7, 2017	In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9500	Med	6.5	< 6.8.8.1-71.47.1	6.8.8.1-71.47.1	Jun 7, 2017	In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9440	Med	6.5	< 6.8.8.1-71.5.3	6.8.8.1-71.5.3	Jun 5, 2017	In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9439	Med	6.5	< 6.8.8.1-71.5.3	6.8.8.1-71.5.3	Jun 5, 2017	In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9409	Med	6.5	< 6.8.8.1-71.23.1	6.8.8.1-71.23.1	Jun 2, 2017	In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9407	Med	6.5	< 6.8.8.1-71.42.1	6.8.8.1-71.42.1	Jun 2, 2017	In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9405	Med	6.5	< 6.8.8.1-71.42.1	6.8.8.1-71.42.1	Jun 2, 2017	In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9262	Med	6.5	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	May 29, 2017	In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9261	Med	6.5	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	May 29, 2017	In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9144	Med	6.5	< 6.8.8.1-70.1	6.8.8.1-70.1	May 22, 2017	In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c.
CVE-2017-9143	Med	6.5	< 6.8.8.1-70.1	6.8.8.1-70.1	May 22, 2017	In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file.
CVE-2017-9142	Med	6.5	< 6.8.8.1-70.1	6.8.8.1-70.1	May 22, 2017	In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c.
CVE-2017-9141	Med	6.5	< 6.8.8.1-70.1	6.8.8.1-70.1	May 22, 2017	In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c.
CVE-2017-9098	Hig	7.5	< 6.8.8.1-70.1	6.8.8.1-70.1	May 19, 2017	ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that
CVE-2017-8830	Med	6.5	< 6.8.8.1-70.1	6.8.8.1-70.1	May 8, 2017	In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file.

CVE-2017-11170HigJul 11, 2017
affected < 6.8.8.1-71.42.1fixed 6.8.8.1-71.42.1
The ReadTGAImage function in coders\tga.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via invalid colors data in the header of a TGA or VST file.
CVE-2017-11166MedJul 10, 2017
affected < 6.8.8.1-71.42.1fixed 6.8.8.1-71.42.1
The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file.
CVE-2017-11141MedJul 10, 2017
affected < 6.8.8.1-71.26.1fixed 6.8.8.1-71.26.1
The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call.
CVE-2017-10995MedJul 7, 2017
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image.
CVE-2017-10800MedJul 3, 2017
affected < 6.8.8.1-71.26.1fixed 6.8.8.1-71.26.1
When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it can lead to a denial of service (OOM) in ReadMATImage() if the size specified for a MAT Object is larger than the actual amount of data.
CVE-2017-9501MedJun 7, 2017
affected < 6.8.8.1-71.5.3fixed 6.8.8.1-71.5.3
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9500MedJun 7, 2017
affected < 6.8.8.1-71.47.1fixed 6.8.8.1-71.47.1
In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9440MedJun 5, 2017
affected < 6.8.8.1-71.5.3fixed 6.8.8.1-71.5.3
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9439MedJun 5, 2017
affected < 6.8.8.1-71.5.3fixed 6.8.8.1-71.5.3
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-9409MedJun 2, 2017
affected < 6.8.8.1-71.23.1fixed 6.8.8.1-71.23.1
In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9407MedJun 2, 2017
affected < 6.8.8.1-71.42.1fixed 6.8.8.1-71.42.1
In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9405MedJun 2, 2017
affected < 6.8.8.1-71.42.1fixed 6.8.8.1-71.42.1
In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9262MedMay 29, 2017
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In ImageMagick 7.0.5-6 Q16, the ReadJNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9261MedMay 29, 2017
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
CVE-2017-9144MedMay 22, 2017
affected < 6.8.8.1-70.1fixed 6.8.8.1-70.1
In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c.
CVE-2017-9143MedMay 22, 2017
affected < 6.8.8.1-70.1fixed 6.8.8.1-70.1
In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file.
CVE-2017-9142MedMay 22, 2017
affected < 6.8.8.1-70.1fixed 6.8.8.1-70.1
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c.
CVE-2017-9141MedMay 22, 2017
affected < 6.8.8.1-70.1fixed 6.8.8.1-70.1
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c.
CVE-2017-9098HigMay 19, 2017
affected < 6.8.8.1-70.1fixed 6.8.8.1-70.1
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that
CVE-2017-8830MedMay 8, 2017
affected < 6.8.8.1-70.1fixed 6.8.8.1-70.1
In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file.

Page 11 of 14