In GraphicsMagick, a heap buffer overflow was found when parsing MIFF.
Max CVSS
7.8
EPSS Score
0.06%
Published
2022-09-28
Updated
2023-02-01
GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.
Max CVSS
7.5
EPSS Score
0.26%
Published
2020-05-06
Updated
2022-11-14
GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.
Max CVSS
9.8
EPSS Score
0.22%
Published
2020-03-24
Updated
2022-01-01
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.
Max CVSS
9.8
EPSS Score
1.22%
Published
2019-12-24
Updated
2022-10-31
In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to ExportRedQuantumType in magick/export.c.
Max CVSS
8.8
EPSS Score
0.40%
Published
2019-04-24
Updated
2023-03-01
In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c.
Max CVSS
8.8
EPSS Score
0.35%
Published
2019-04-24
Updated
2023-03-01
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.
Max CVSS
8.8
EPSS Score
1.02%
Published
2019-04-08
Updated
2023-03-01
In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value.
Max CVSS
9.8
EPSS Score
2.77%
Published
2019-04-08
Updated
2020-08-24
The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used.
Max CVSS
8.8
EPSS Score
1.15%
Published
2018-02-07
Updated
2019-06-30
WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
Max CVSS
8.8
EPSS Score
1.35%
Published
2017-12-11
Updated
2018-10-18
coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c.
Max CVSS
8.8
EPSS Score
0.88%
Published
2017-11-09
Updated
2020-01-27
GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to run the identify command on a specially crafted MIFF format file with the verbose flag.
Max CVSS
8.8
EPSS Score
0.43%
Published
2017-11-01
Updated
2020-01-08
GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in coders/cmyk.c when processing multiple frames that have non-identical widths.
Max CVSS
9.8
EPSS Score
0.36%
Published
2017-07-26
Updated
2018-10-18
GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical widths.
Max CVSS
9.8
EPSS Score
0.86%
Published
2017-07-26
Updated
2018-10-18
The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
Max CVSS
7.8
EPSS Score
0.59%
Published
2017-02-15
Updated
2018-10-30
The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
Max CVSS
7.8
EPSS Score
0.76%
Published
2017-02-15
Updated
2018-10-30
Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.
Max CVSS
9.8
EPSS Score
0.42%
Published
2017-01-18
Updated
2017-11-04
Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.
Max CVSS
7.5
EPSS Score
3.32%
Published
2017-02-06
Updated
2019-04-12
Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors.
Max CVSS
9.8
EPSS Score
2.80%
Published
2017-02-06
Updated
2019-04-15
Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317.
Max CVSS
9.8
EPSS Score
2.80%
Published
2017-02-06
Updated
2019-04-15
Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image. NOTE: some of these details are obtained from third party information.
Max CVSS
10.0
EPSS Score
7.20%
Published
2009-02-10
Updated
2017-08-08
Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PALM image, a different vulnerability than CVE-2007-0770. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
2.74%
Published
2009-02-10
Updated
2017-08-08
Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to an incomplete patch for CVE-2006-5456.
Max CVSS
9.3
EPSS Score
4.03%
Published
2007-02-12
Updated
2018-10-16
Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.
Max CVSS
7.5
EPSS Score
10.83%
Published
2005-05-02
Updated
2017-10-11
24 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!