Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-03-07 CVE-2016-5315 Out-of-bounds Read vulnerability in multiple products
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.
local
low complexity
libtiff debian CWE-125
5.5
5.5
2017-03-07 CVE-2013-5653 Information Exposure vulnerability in multiple products
The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file.
local
low complexity
artifex debian CWE-200
5.5
5.5
2017-03-06 CVE-2017-6500 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in ImageMagick 6.9.7.
local
low complexity
imagemagick debian CWE-125
5.5
5.5
2017-03-06 CVE-2017-6499 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
An issue was discovered in Magick++ in ImageMagick 6.9.7.
local
low complexity
imagemagick debian CWE-772
5.5
5.5
2017-03-06 CVE-2017-6498 Improper Input Validation vulnerability in multiple products
An issue was discovered in ImageMagick 6.9.7.
local
low complexity
imagemagick debian CWE-20
5.5
5.5
2017-03-01 CVE-2016-9830 Improper Input Validation vulnerability in multiple products
The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image.
local
low complexity
graphicsmagick debian opensuse CWE-20
5.5
5.5
2017-03-01 CVE-2017-5976 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
local
low complexity
zziplib-project debian CWE-787
5.5
5.5
2017-03-01 CVE-2017-5975 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the __zzip_get64 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
local
low complexity
zziplib-project debian CWE-787
5.5
5.5
2017-03-01 CVE-2017-5974 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
local
low complexity
zziplib-project debian CWE-119
5.5
5.5
2017-03-01 CVE-2016-9559 NULL Pointer Dereference vulnerability in multiple products
coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.
network
low complexity
imagemagick debian CWE-476
6.5
6.5