rpm package

suse/ImageMagick&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2

pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Vulnerabilities (275)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-13142	Med	6.5	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	Aug 23, 2017	In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.
CVE-2017-13141	Med	6.5	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	Aug 23, 2017	In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c.
CVE-2017-13139	Cri	9.8	< 6.8.8.1-71.12.1	6.8.8.1-71.12.1	Aug 23, 2017	In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
CVE-2017-13134	Med	6.5	< 6.8.8.1-71.17.1	6.8.8.1-71.17.1	Aug 23, 2017	In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-13133	Med	6.5	< 6.8.8.1-71.12.1	6.8.8.1-71.12.1	Aug 23, 2017	In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file.
CVE-2017-13131	Med	6.5	< 6.8.8.1-71.42.1	6.8.8.1-71.42.1	Aug 23, 2017	In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (memory consumption in NewLinkedList in MagickCore/linked-list.c) via a crafted file.
CVE-2017-13062	Med	6.5	< 6.8.8.1-71.20.1	6.8.8.1-71.20.1	Aug 22, 2017	In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service (WriteMETAImage memory consumption) via a crafted file.
CVE-2017-13061	Med	6.5	< 6.8.8.1-71.20.1	6.8.8.1-71.20.1	Aug 22, 2017	In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file.
CVE-2017-13060	Med	6.5	< 6.8.8.1-71.26.1	6.8.8.1-71.26.1	Aug 22, 2017	In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-13059	Med	6.5	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	Aug 22, 2017	In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to cause a denial of service (WriteJNGImage memory consumption) via a crafted file.
CVE-2017-13058	Med	6.5	< 6.8.8.1-71.42.1	6.8.8.1-71.42.1	Aug 22, 2017	In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-12983	Hig	8.8	< 6.8.8.1-71.17.1	6.8.8.1-71.17.1	Aug 21, 2017	Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
CVE-2017-12935	Hig	8.8	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	Aug 18, 2017	The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c.
CVE-2017-12676	Med	6.5	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	Aug 7, 2017	In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service.
CVE-2017-12675	Med	6.5	< 6.8.8.1-71.26.1	6.8.8.1-71.26.1	Aug 7, 2017	In ImageMagick 7.0.6-3, a missing check for multidimensional data was found in coders/mat.c, leading to a memory leak in the function ReadImage in MagickCore/constitute.c, which allows attackers to cause a denial of service.
CVE-2017-12674	Med	6.5	< 6.8.8.1-71.42.1	6.8.8.1-71.42.1	Aug 7, 2017	In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service.
CVE-2017-12673	Med	6.5	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	Aug 7, 2017	In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service.
CVE-2017-12672	Med	6.5	< 6.8.8.1-71.26.1	6.8.8.1-71.26.1	Aug 7, 2017	In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.
CVE-2017-12671	Med	6.5	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	Aug 7, 2017	In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function RelinquishMagickMemory in MagickCore/memory.c, which allows attackers to cause a denial of service.
CVE-2017-12670	Med	6.5	< 6.8.8.1-71.26.1	6.8.8.1-71.26.1	Aug 7, 2017	In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage in MagickCore/image.c, which allows attackers to cause a denial of service.

CVE-2017-13142MedAug 23, 2017
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.
CVE-2017-13141MedAug 23, 2017
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c.
CVE-2017-13139CriAug 23, 2017
affected < 6.8.8.1-71.12.1fixed 6.8.8.1-71.12.1
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
CVE-2017-13134MedAug 23, 2017
affected < 6.8.8.1-71.17.1fixed 6.8.8.1-71.17.1
In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-13133MedAug 23, 2017
affected < 6.8.8.1-71.12.1fixed 6.8.8.1-71.12.1
In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file.
CVE-2017-13131MedAug 23, 2017
affected < 6.8.8.1-71.42.1fixed 6.8.8.1-71.42.1
In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (memory consumption in NewLinkedList in MagickCore/linked-list.c) via a crafted file.
CVE-2017-13062MedAug 22, 2017
affected < 6.8.8.1-71.20.1fixed 6.8.8.1-71.20.1
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service (WriteMETAImage memory consumption) via a crafted file.
CVE-2017-13061MedAug 22, 2017
affected < 6.8.8.1-71.20.1fixed 6.8.8.1-71.20.1
In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file.
CVE-2017-13060MedAug 22, 2017
affected < 6.8.8.1-71.26.1fixed 6.8.8.1-71.26.1
In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-13059MedAug 22, 2017
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to cause a denial of service (WriteJNGImage memory consumption) via a crafted file.
CVE-2017-13058MedAug 22, 2017
affected < 6.8.8.1-71.42.1fixed 6.8.8.1-71.42.1
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-12983HigAug 21, 2017
affected < 6.8.8.1-71.17.1fixed 6.8.8.1-71.17.1
Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
CVE-2017-12935HigAug 18, 2017
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c.
CVE-2017-12676MedAug 7, 2017
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service.
CVE-2017-12675MedAug 7, 2017
affected < 6.8.8.1-71.26.1fixed 6.8.8.1-71.26.1
In ImageMagick 7.0.6-3, a missing check for multidimensional data was found in coders/mat.c, leading to a memory leak in the function ReadImage in MagickCore/constitute.c, which allows attackers to cause a denial of service.
CVE-2017-12674MedAug 7, 2017
affected < 6.8.8.1-71.42.1fixed 6.8.8.1-71.42.1
In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service.
CVE-2017-12673MedAug 7, 2017
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service.
CVE-2017-12672MedAug 7, 2017
affected < 6.8.8.1-71.26.1fixed 6.8.8.1-71.26.1
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.
CVE-2017-12671MedAug 7, 2017
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function RelinquishMagickMemory in MagickCore/memory.c, which allows attackers to cause a denial of service.
CVE-2017-12670MedAug 7, 2017
affected < 6.8.8.1-71.26.1fixed 6.8.8.1-71.26.1
In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage in MagickCore/image.c, which allows attackers to cause a denial of service.

Page 7 of 14