Imagemagick : Security Vulnerabilities, CVEs, Published In 2017 (Denial of service)
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
Max CVSS
8.8
EPSS Score
0.56%
Published
2017-07-19
Updated
2021-04-20
coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.
Max CVSS
8.8
EPSS Score
0.63%
Published
2017-07-19
Updated
2021-04-20
Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
Max CVSS
8.8
EPSS Score
0.81%
Published
2017-08-21
Updated
2018-06-14
A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service or code execution via a crafted file.
Max CVSS
8.8
EPSS Score
2.35%
Published
2017-09-09
Updated
2018-06-14
GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928.
Max CVSS
8.8
EPSS Score
0.61%
Published
2017-09-21
Updated
2018-06-14
ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised value(s)."
Max CVSS
8.8
EPSS Score
1.55%
Published
2017-10-12
Updated
2020-09-08
The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file.
Max CVSS
8.8
EPSS Score
2.14%
Published
2017-11-05
Updated
2020-10-22
Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
Max CVSS
7.8
EPSS Score
1.17%
Published
2017-07-25
Updated
2017-07-27
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
Max CVSS
7.8
EPSS Score
0.86%
Published
2017-03-23
Updated
2020-11-16
Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
Max CVSS
7.8
EPSS Score
0.73%
Published
2017-03-23
Updated
2020-11-16
Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
Max CVSS
7.8
EPSS Score
0.90%
Published
2017-03-23
Updated
2020-11-16
Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
Max CVSS
7.8
EPSS Score
0.98%
Published
2017-03-23
Updated
2020-11-16
Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
Max CVSS
7.8
EPSS Score
0.67%
Published
2017-03-23
Updated
2020-11-16
Buffer overflow in the WritePDBImage function in coders/pdb.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
Max CVSS
7.8
EPSS Score
0.67%
Published
2017-03-23
Updated
2020-11-16
Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
Max CVSS
7.8
EPSS Score
0.86%
Published
2017-03-23
Updated
2020-11-16
Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
Max CVSS
7.8
EPSS Score
0.67%
Published
2017-03-23
Updated
2020-11-16
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file.
Max CVSS
7.8
EPSS Score
0.61%
Published
2017-03-23
Updated
2017-03-25
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to extend validity.
Max CVSS
7.8
EPSS Score
0.85%
Published
2017-03-02
Updated
2020-11-16
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
Max CVSS
7.8
EPSS Score
0.88%
Published
2017-03-02
Updated
2020-11-16
The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
Max CVSS
7.8
EPSS Score
0.67%
Published
2017-03-03
Updated
2019-04-12
Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
Max CVSS
7.8
EPSS Score
1.40%
Published
2017-03-24
Updated
2017-11-04
Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.
Max CVSS
7.8
EPSS Score
6.04%
Published
2017-03-24
Updated
2020-10-15
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service.
Max CVSS
7.8
EPSS Score
0.20%
Published
2017-08-04
Updated
2020-09-08
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service.
Max CVSS
7.8
EPSS Score
0.33%
Published
2017-08-04
Updated
2020-09-08
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service.
Max CVSS
7.8
EPSS Score
0.33%
Published
2017-08-04
Updated
2020-09-08