Cpe Name:
cpe:/a:imagemagick:imagemagick:6.2.8.1
# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2019-13136 |
190 |
|
Overflow |
2019-07-01 |
2019-08-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c. |
2 |
CVE-2019-10131 |
119 |
|
Overflow |
2019-04-30 |
2019-05-21 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Partial |
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program. |
3 |
CVE-2012-1798 |
119 |
|
DoS Overflow |
2012-06-05 |
2017-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image. |
4 |
CVE-2012-1610 |
189 |
|
DoS Overflow |
2012-06-05 |
2017-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component count for certain EXIF tags in a JPEG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0259. |
5 |
CVE-2012-1186 |
119 |
|
DoS Overflow |
2012-06-05 |
2017-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0248. |
6 |
CVE-2012-1185 |
189 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-06-05 |
2017-08-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247. |
7 |
CVE-2012-0259 |
119 |
|
DoS Overflow |
2012-06-05 |
2017-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read. |
8 |
CVE-2012-0248 |
119 |
|
DoS Overflow |
2012-06-05 |
2012-11-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF. |
9 |
CVE-2012-0247 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-06-05 |
2012-11-26 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image. |
10 |
CVE-2008-1097 |
399 |
|
DoS Exec Code Overflow Mem. Corr. |
2008-03-05 |
2017-09-28 |
6.8 |
User |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption. |
11 |
CVE-2008-1096 |
119 |
|
DoS Exec Code Overflow |
2008-03-05 |
2017-09-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly related to the ScaleCharToQuantum function. |
Total number of vulnerabilities :
11
Page :
1
(This Page)