CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Imagemagick : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-12676 119 DoS Overflow 2017-08-07 2017-08-10
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service.
2 CVE-2017-12675 119 DoS Overflow 2017-08-07 2017-08-08
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.6-3, a missing check for multidimensional data was found in coders/mat.c, leading to a memory leak in the function ReadImage in MagickCore/constitute.c, which allows attackers to cause a denial of service.
3 CVE-2017-12674 399 DoS 2017-08-07 2017-08-08
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.6-2, a CPU exhaustion vulnerability was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service.
4 CVE-2017-12673 119 DoS Overflow 2017-08-07 2017-08-10
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service.
5 CVE-2017-12672 119 DoS Overflow 2017-08-07 2017-08-10
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.
6 CVE-2017-12671 416 DoS 2017-08-07 2017-08-08
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function RelinquishMagickMemory in MagickCore/memory.c, which allows attackers to cause a denial of service.
7 CVE-2017-12670 20 DoS 2017-08-07 2017-08-11
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.6-3, missing validation was found in coders/mat.c, leading to an assertion failure in the function DestroyImage in MagickCore/image.c, which allows attackers to cause a denial of service.
8 CVE-2017-12669 119 Overflow 2017-08-07 2017-08-08
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage in coders/cals.c.
9 CVE-2017-12668 119 Overflow 2017-08-07 2017-08-08
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.
10 CVE-2017-12667 119 Overflow 2017-08-07 2017-08-08
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in coders\mat.c.
11 CVE-2017-12666 119 Overflow 2017-08-07 2017-08-10
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImage in coders/inline.c.
12 CVE-2017-12665 119 Overflow 2017-08-07 2017-08-08
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePICTImage in coders/pict.c.
13 CVE-2017-12664 119 Overflow 2017-08-07 2017-08-08
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage in coders/palm.c.
14 CVE-2017-12663 119 Overflow 2017-08-07 2017-08-08
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage in coders/map.c.
15 CVE-2017-12662 119 Overflow 2017-08-07 2017-08-10
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/pdf.c.
16 CVE-2017-12654 119 DoS Overflow 2017-08-07 2017-08-10
4.3
None Remote Medium Not required None None Partial
The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 allows attackers to cause a denial of service (memory leak) via a crafted file.
17 CVE-2017-12644 119 Overflow 2017-08-07 2017-08-09
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in coders\dcm.c.
18 CVE-2017-12643 399 2017-08-07 2017-08-10
7.1
None Remote Medium Not required None None Complete
ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in coders\png.c.
19 CVE-2017-12642 119 Overflow 2017-08-07 2017-08-08
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMPCImage in coders\mpc.c.
20 CVE-2017-12641 119 Overflow 2017-08-07 2017-08-08
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage in coders\png.c.
21 CVE-2017-12640 125 2017-08-07 2017-08-08
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick 7.0.6-1 has an out-of-bounds read vulnerability in ReadOneMNGImage in coders/png.c.
22 CVE-2017-12587 20 2017-08-06 2017-08-08
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage function in coders\pwp.c.
23 CVE-2017-12566 119 DoS Overflow 2017-08-05 2017-08-07
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMVGImage in coders/mvg.c, which allows attackers to cause a denial of service, related to the function ReadSVGImage in svg.c.
24 CVE-2017-12565 119 DoS Overflow 2017-08-05 2017-08-08
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service.
25 CVE-2017-12564 119 DoS Overflow 2017-08-05 2017-08-09
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service.
26 CVE-2017-12563 399 DoS 2017-08-05 2017-08-08
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.6-2, a memory exhaustion vulnerability was found in the function ReadPSDImage in coders/psd.c, which allows attackers to cause a denial of service.
27 CVE-2017-12435 399 DoS 2017-08-04 2017-08-08
7.8
None Remote Low Not required None None Complete
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service.
28 CVE-2017-12434 20 DoS 2017-08-04 2017-08-04
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c.
29 CVE-2017-12433 119 DoS Overflow 2017-08-04 2017-08-07
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadPESImage in coders/pes.c, which allows attackers to cause a denial of service, related to ResizeMagickMemory in memory.c.
30 CVE-2017-12432 399 DoS 2017-08-04 2017-08-07
7.1
None Remote Medium Not required None None Complete
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allows attackers to cause a denial of service.
31 CVE-2017-12431 416 DoS 2017-08-04 2017-08-07
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.6-1, a use-after-free vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service.
32 CVE-2017-12430 399 DoS 2017-08-04 2017-08-08
7.8
None Remote Low Not required None None Complete
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service.
33 CVE-2017-12429 399 DoS 2017-08-04 2017-08-04
7.8
None Remote Low Not required None None Complete
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service.
34 CVE-2017-12428 119 DoS Overflow 2017-08-04 2017-08-08
5.0
None Remote Low Not required None None Partial
In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service in CloneDrawInfo in draw.c.
35 CVE-2017-12427 119 DoS Overflow 2017-08-04 2017-08-04
4.3
None Remote Medium Not required None None Partial
The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a denial of service (memory leak) via a crafted file, related to the WriteMSLImage function.
36 CVE-2017-12418 119 Overflow 2017-08-03 2017-08-04
5.0
None Remote Low Not required None None Partial
ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c.
37 CVE-2017-12140 399 2017-08-02 2017-08-03
7.1
None Remote Medium Not required None None Complete
The ReadDCMImage function in coders\dcm.c in ImageMagick 7.0.6-1 has an integer signedness error leading to excessive memory consumption via a crafted DCM file.
38 CVE-2017-11755 119 DoS Overflow 2017-07-30 2017-08-02
4.3
None Remote Medium Not required None None Partial
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.
39 CVE-2017-11754 119 DoS Overflow 2017-07-30 2017-08-02
4.3
None Remote Medium Not required None None Partial
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.
40 CVE-2017-11753 125 DoS 2017-07-30 2017-08-02
4.3
None Remote Medium Not required None None Partial
The GetImageDepth function in MagickCore/attribute.c in ImageMagick 7.0.6-4 might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted Flexible Image Transport System (FITS) file.
41 CVE-2017-11752 119 DoS Overflow 2017-07-30 2017-08-02
4.3
None Remote Medium Not required None None Partial
The ReadMAGICKImage function in coders/magick.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
42 CVE-2017-11751 119 DoS Overflow 2017-07-30 2017-08-02
4.3
None Remote Medium Not required None None Partial
The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
43 CVE-2017-11750 476 DoS 2017-07-30 2017-08-02
4.3
None Remote Medium Not required None None Partial
The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and 7.0.6-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
44 CVE-2017-11724 399 2017-07-29 2017-08-04
4.3
None Remote Medium Not required None None Partial
The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9-3 and 7.x through 7.0.6-3 has memory leaks involving the quantum_info and clone_info data structures.
45 CVE-2017-11644 119 Overflow 2017-07-26 2017-07-31
4.3
None Remote Medium Not required None None Partial
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadMATImage() function in coders/mat.c.
46 CVE-2017-11640 119 Overflow 2017-07-26 2017-07-31
4.3
None Remote Medium Not required None None Partial
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/tiff.c.
47 CVE-2017-11639 119 Overflow 2017-07-26 2017-07-31
4.3
None Remote Medium Not required None None Partial
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c, related to the GetPixelLuma function in MagickCore/pixel-accessor.h.
48 CVE-2017-11540 119 Overflow 2017-07-22 2017-07-28
4.3
None Remote Medium Not required None None Partial
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c.
49 CVE-2017-11539 119 Overflow 2017-07-22 2017-07-28
4.3
None Remote Medium Not required None None Partial
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage() function in coders/png.c.
50 CVE-2017-11538 119 Overflow 2017-07-22 2017-07-31
4.3
None Remote Medium Not required None None Partial
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteOnePNGImage() function in coders/png.c.
Total number of vulnerabilities : 333   Page : 1 (This Page)2 3 4 5 6 7
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.