Show filters
29 Total Results
Displaying 1-10 of 29
Sort by:
Attacker Value
Unknown

CVE-2017-14341

Disclosure Date: September 12, 2017 (last updated November 26, 2024)
ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2017-14249

Disclosure Date: September 11, 2017 (last updated November 26, 2024)
ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in MagickCore/cache.c, allowing remote attackers to cause a denial of service via a crafted file.
0
0
Attacker Value
Unknown

CVE-2017-14248

Disclosure Date: September 11, 2017 (last updated November 26, 2024)
A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file.
0
0
Attacker Value
Unknown

CVE-2017-14224

Disclosure Date: September 09, 2017 (last updated November 26, 2024)
A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service or code execution via a crafted file.
0
0
Attacker Value
Unknown

CVE-2017-14173

Disclosure Date: September 07, 2017 (last updated November 26, 2024)
In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a smaller value than expected. As a result, an infinite loop would occur for a crafted TXT file that claims a very large "max_value" value.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2017-14175

Disclosure Date: September 07, 2017 (last updated November 26, 2024)
In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2017-13658

Disclosure Date: August 24, 2017 (last updated November 26, 2024)
In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c.
0
0
Attacker Value
Unknown

CVE-2017-13140

Disclosure Date: August 23, 2017 (last updated November 26, 2024)
In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c allows remote attackers to cause a denial of service (application hang in LockSemaphoreInfo) via a PNG file with a width equal to MAGICK_WIDTH_LIMIT.
0
0
Attacker Value
Unknown

CVE-2017-13141

Disclosure Date: August 23, 2017 (last updated November 26, 2024)
In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c.
0
0
Attacker Value
Unknown

CVE-2017-13142

Disclosure Date: August 23, 2017 (last updated November 26, 2024)
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.
0
0
View More Topics  Next >