VYPR

Imagemagick

by ImageMagick

Source repositories

CVEs (775)

  • CVE-2018-16643MedSep 6, 2018
    risk 0.00cvss 6.5epss 0.03

    The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via…

  • CVE-2018-16642MedSep 6, 2018
    risk 0.00cvss 6.5epss 0.03

    The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write.

  • CVE-2018-16641MedSep 6, 2018
    risk 0.00cvss 6.5epss 0.02

    ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePhotoshopLayers function in coders/tiff.c.

  • CVE-2018-16640MedSep 6, 2018
    risk 0.00cvss 6.5epss 0.03

    ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c.

  • CVE-2013-4298Sep 10, 2013
    risk 0.00cvss epss 0.05

    The ReadGIFImage function in coders/gif.c in ImageMagick before 6.7.8-8 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted comment in a GIF image.

  • CVE-2012-3437Aug 7, 2012
    risk 0.00cvss epss 0.03

    The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.

  • CVE-2010-4167Nov 22, 2010
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory.

  • CVE-2008-1097Mar 5, 2008
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via…

  • CVE-2008-1096Mar 5, 2008
    risk 0.00cvss epss 0.05

    The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an…

  • CVE-2007-4986Sep 24, 2007
    risk 0.00cvss epss 0.03

    Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-based buffer overflow.

  • CVE-2007-4987Sep 24, 2007
    risk 0.00cvss epss 0.04

    Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address.

  • CVE-2007-4985Sep 24, 2007
    risk 0.00cvss epss 0.02

    ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function,…

  • CVE-2007-1797Apr 2, 2007
    risk 0.00cvss epss 0.04

    Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which…

  • CVE-2007-1667Mar 24, 2007
    risk 0.00cvss epss 0.05

    Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images…

  • CVE-2007-0770Feb 12, 2007
    risk 0.00cvss epss 0.05

    Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to an…

  • CVE-2006-5868Nov 22, 2006
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.

  • CVE-2006-5456Oct 23, 2006
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a…

  • CVE-2006-3744Aug 25, 2006
    risk 0.00cvss epss 0.03

    Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows.

  • CVE-2006-3743Aug 25, 2006
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images.

  • CVE-2006-2440May 18, 2006
    risk 0.00cvss epss 0.03

    Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function.

Page 38 of 39