imagemagick 6.8.9.6 has remote DOS via infinite loop
Max CVSS
6.5
EPSS Score
0.43%
Published
2019-12-15
Updated
2019-12-19
In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service.
Max CVSS
7.5
EPSS Score
0.94%
Published
2019-05-09
Updated
2020-08-19
In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service.
Max CVSS
7.5
EPSS Score
0.94%
Published
2019-05-09
Updated
2020-09-08
In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file.
Max CVSS
8.8
EPSS Score
0.99%
Published
2019-03-24
Updated
2020-08-24
In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.
Max CVSS
5.5
EPSS Score
0.14%
Published
2019-03-30
Updated
2023-02-23
In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file.
Max CVSS
8.1
EPSS Score
1.20%
Published
2019-03-30
Updated
2019-05-14
The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.
Max CVSS
7.1
EPSS Score
1.47%
Published
2019-04-23
Updated
2020-08-19
ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.
Max CVSS
6.5
EPSS Score
1.45%
Published
2019-04-23
Updated
2020-08-19
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.
Max CVSS
8.1
EPSS Score
4.94%
Published
2019-04-29
Updated
2020-08-19
In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.
Max CVSS
8.1
EPSS Score
2.33%
Published
2019-04-29
Updated
2020-09-08
A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.
Max CVSS
5.5
EPSS Score
0.21%
Published
2019-06-26
Updated
2020-08-19
In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file.
Max CVSS
6.5
EPSS Score
0.42%
Published
2019-08-12
Updated
2023-03-02
In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.
Max CVSS
6.5
EPSS Score
1.23%
Published
2019-08-12
Updated
2020-08-19
The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.
Max CVSS
6.5
EPSS Score
0.72%
Published
2019-08-18
Updated
2020-09-08
coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.
Max CVSS
8.8
EPSS Score
2.69%
Published
2019-08-18
Updated
2020-07-03
WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597.
Max CVSS
6.5
EPSS Score
0.13%
Published
2019-08-18
Updated
2023-03-03
ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XML_PARSE_HUGE is not properly restricted in coders/svg.c, related to SVG and libxml2.
Max CVSS
6.5
EPSS Score
0.18%
Published
2019-11-11
Updated
2021-04-28
17 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!