Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2016-12-13 CVE-2016-5689 NULL Pointer Dereference vulnerability in multiple products
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.
network
low complexity
oracle imagemagick CWE-476
critical
 9.8
9.8
2016-12-13 CVE-2016-5688 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.
network
high complexity
oracle imagemagick CWE-119
8.1
8.1
2016-12-13 CVE-2016-5687 Out-of-bounds Read vulnerability in multiple products
The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read.
network
low complexity
imagemagick oracle CWE-125
critical
 9.8
9.8
2016-12-12 CVE-2016-9938 Improper Authorization vulnerability in Digium Asterisk
An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14.x before 14.2.1 and Certified Asterisk 11.x before 11.6-cert16 and 13.x before 13.8-cert4.
network
low complexity
digium CWE-285
5.3
5.3
2016-12-12 CVE-2016-9937 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Digium Asterisk
An issue was discovered in Asterisk Open Source 13.12.x and 13.13.x before 13.13.1 and 14.x before 14.2.1.
network
low complexity
digium CWE-119
7.5
7.5
2016-12-12 CVE-2016-9633 Resource Management Errors vulnerability in Tats W3M
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33.
network
low complexity
tats CWE-399
6.5
6.5
2016-12-12 CVE-2016-9632 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tats W3M
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33.
network
low complexity
tats CWE-119
6.5
6.5
2016-12-12 CVE-2016-9631 NULL Pointer Dereference vulnerability in Tats W3M
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33.
network
low complexity
tats CWE-476
6.5
6.5
2016-12-12 CVE-2016-9630 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tats W3M
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33.
network
low complexity
tats CWE-119
6.5
6.5
2016-12-12 CVE-2016-9629 NULL Pointer Dereference vulnerability in Tats W3M
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33.
network
low complexity
tats CWE-476
6.5
6.5