imagemagick imagemagick 7.0.8-36 vulnerabilities and exploits

(subscribe to this query)

8.1

CVSSv3

In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an malicious user to cause a denial of service or information disclosure via a crafted image file.

Imagemagick Imagemagick 7.0.8-36 Debian Debian Linux 9.0

5.5

CVSSv3

In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an malicious user to cause a denial of service via a crafted image file.

Imagemagick Imagemagick 7.0.8-36 Debian Debian Linux 10.0 Canonical Ubuntu Linux 18.04 Canonical Ubuntu Linux 18.10 Canonical Ubuntu Linux 19.04 Canonical Ubuntu Linux 16.04

9.8

CVSSv3

In ImageMagick prior to 6.9.9-0 and 7.x prior to 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.

8.8

CVSSv3

ImageMagick prior to 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c.

Imagemagick Imagemagick

1 Github repository

9.8

CVSSv3

In ImageMagick prior to 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.

Imagemagick Imagemagick

6.5

CVSSv3

The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows malicious users to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a...

Imagemagick Imagemagick 7.0.8-41

8.8

CVSSv3

coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote malicious users to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.

Imagemagick Imagemagick 7.0.8-43

6.5

CVSSv3

The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows malicious users to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for ins...

Imagemagick Imagemagick 7.0.8-26

6.5

CVSSv3

ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows malicious users to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.

Imagemagick Imagemagick 7.0.8-41

8.1

CVSSv3

In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an malicious user to cause a denial of service or possibly information disclosure via a crafted image file.

Imagemagick Imagemagick 7.0.8-43

Get Started

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook