rpm package

suse/ImageMagick&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3

pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3

Vulnerabilities (265)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-14042	Med	6.5	< 6.8.8.1-71.20.1	6.8.8.1-71.20.1	Aug 30, 2017	A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of service in the MagickRealloc function in magick/memory.c.
CVE-2017-13769	Med	6.5	< 6.8.8.1-71.17.1	6.8.8.1-71.17.1	Aug 30, 2017	The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.
CVE-2017-13768	Med	6.5	< 6.8.8.1-71.47.1	6.8.8.1-71.47.1	Aug 30, 2017	Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file.
CVE-2017-13758	Med	6.5	< 6.8.8.1-71.65.1	6.8.8.1-71.65.1	Aug 29, 2017	In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the TracePoint() function in MagickCore/draw.c.
CVE-2017-13658	Med	6.5	< 6.8.8.1-71.26.1	6.8.8.1-71.26.1	Aug 24, 2017	In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c.
CVE-2017-13648	Med	6.5	< 6.8.8.1-71.26.1	6.8.8.1-71.26.1	Aug 23, 2017	In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c.
CVE-2017-13147	Hig	8.8	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	Aug 23, 2017	In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value.
CVE-2017-13146	Hig	8.8	< 6.8.8.1-71.26.1	6.8.8.1-71.26.1	Aug 23, 2017	In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.
CVE-2017-13142	Med	6.5	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	Aug 23, 2017	In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.
CVE-2017-13141	Med	6.5	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	Aug 23, 2017	In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c.
CVE-2017-13139	Cri	9.8	< 6.8.8.1-71.12.1	6.8.8.1-71.12.1	Aug 23, 2017	In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
CVE-2017-13134	Med	6.5	< 6.8.8.1-71.17.1	6.8.8.1-71.17.1	Aug 23, 2017	In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-13133	Med	6.5	< 6.8.8.1-71.12.1	6.8.8.1-71.12.1	Aug 23, 2017	In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file.
CVE-2017-13131	Med	6.5	< 6.8.8.1-71.42.1	6.8.8.1-71.42.1	Aug 23, 2017	In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (memory consumption in NewLinkedList in MagickCore/linked-list.c) via a crafted file.
CVE-2017-13062	Med	6.5	< 6.8.8.1-71.20.1	6.8.8.1-71.20.1	Aug 22, 2017	In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service (WriteMETAImage memory consumption) via a crafted file.
CVE-2017-13061	Med	6.5	< 6.8.8.1-71.20.1	6.8.8.1-71.20.1	Aug 22, 2017	In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file.
CVE-2017-13060	Med	6.5	< 6.8.8.1-71.26.1	6.8.8.1-71.26.1	Aug 22, 2017	In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-13059	Med	6.5	< 6.8.8.1-71.33.1	6.8.8.1-71.33.1	Aug 22, 2017	In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to cause a denial of service (WriteJNGImage memory consumption) via a crafted file.
CVE-2017-13058	Med	6.5	< 6.8.8.1-71.42.1	6.8.8.1-71.42.1	Aug 22, 2017	In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-12983	Hig	8.8	< 6.8.8.1-71.17.1	6.8.8.1-71.17.1	Aug 21, 2017	Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.

CVE-2017-14042MedAug 30, 2017
affected < 6.8.8.1-71.20.1fixed 6.8.8.1-71.20.1
A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of service in the MagickRealloc function in magick/memory.c.
CVE-2017-13769MedAug 30, 2017
affected < 6.8.8.1-71.17.1fixed 6.8.8.1-71.17.1
The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.
CVE-2017-13768MedAug 30, 2017
affected < 6.8.8.1-71.47.1fixed 6.8.8.1-71.47.1
Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file.
CVE-2017-13758MedAug 29, 2017
affected < 6.8.8.1-71.65.1fixed 6.8.8.1-71.65.1
In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the TracePoint() function in MagickCore/draw.c.
CVE-2017-13658MedAug 24, 2017
affected < 6.8.8.1-71.26.1fixed 6.8.8.1-71.26.1
In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c.
CVE-2017-13648MedAug 23, 2017
affected < 6.8.8.1-71.26.1fixed 6.8.8.1-71.26.1
In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c.
CVE-2017-13147HigAug 23, 2017
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value.
CVE-2017-13146HigAug 23, 2017
affected < 6.8.8.1-71.26.1fixed 6.8.8.1-71.26.1
In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.
CVE-2017-13142MedAug 23, 2017
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.
CVE-2017-13141MedAug 23, 2017
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c.
CVE-2017-13139CriAug 23, 2017
affected < 6.8.8.1-71.12.1fixed 6.8.8.1-71.12.1
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
CVE-2017-13134MedAug 23, 2017
affected < 6.8.8.1-71.17.1fixed 6.8.8.1-71.17.1
In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-13133MedAug 23, 2017
affected < 6.8.8.1-71.12.1fixed 6.8.8.1-71.12.1
In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file.
CVE-2017-13131MedAug 23, 2017
affected < 6.8.8.1-71.42.1fixed 6.8.8.1-71.42.1
In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (memory consumption in NewLinkedList in MagickCore/linked-list.c) via a crafted file.
CVE-2017-13062MedAug 22, 2017
affected < 6.8.8.1-71.20.1fixed 6.8.8.1-71.20.1
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service (WriteMETAImage memory consumption) via a crafted file.
CVE-2017-13061MedAug 22, 2017
affected < 6.8.8.1-71.20.1fixed 6.8.8.1-71.20.1
In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file.
CVE-2017-13060MedAug 22, 2017
affected < 6.8.8.1-71.26.1fixed 6.8.8.1-71.26.1
In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-13059MedAug 22, 2017
affected < 6.8.8.1-71.33.1fixed 6.8.8.1-71.33.1
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to cause a denial of service (WriteJNGImage memory consumption) via a crafted file.
CVE-2017-13058MedAug 22, 2017
affected < 6.8.8.1-71.42.1fixed 6.8.8.1-71.42.1
In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file.
CVE-2017-12983HigAug 21, 2017
affected < 6.8.8.1-71.17.1fixed 6.8.8.1-71.17.1
Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.

Page 9 of 14