Vulnerabilities > Graphicsmagick
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-18 | CVE-2017-12937 | Out-of-bounds Read vulnerability in multiple products The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read. | 8.8 |
| 2017-08-18 | CVE-2017-12936 | Use After Free vulnerability in multiple products The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting. | 8.8 |
| 2017-08-18 | CVE-2017-12935 | Out-of-bounds Read vulnerability in multiple products The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c. | 8.8 |
| 2017-07-28 | CVE-2017-11722 | Out-of-bounds Read vulnerability in Graphicsmagick 1.3.26 The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with its indentation. | 6.5 |
| 2017-07-26 | CVE-2017-11643 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Graphicsmagick 1.3.26 GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage() function in coders/cmyk.c when processing multiple frames that have non-identical widths. | 9.8 |
| 2017-07-26 | CVE-2017-11642 | NULL Pointer Dereference vulnerability in Graphicsmagick 1.3.26 GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638. | 8.8 |
| 2017-07-26 | CVE-2017-11641 | Missing Release of Resource after Effective Lifetime vulnerability in Graphicsmagick 1.3.26 GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick Persistent Cache (MPC) files. | 9.8 |
| 2017-07-26 | CVE-2017-11638 | Improper Input Validation vulnerability in Graphicsmagick 1.3.26 GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642. | 8.8 |
| 2017-07-26 | CVE-2017-11637 | NULL Pointer Dereference vulnerability in Graphicsmagick 1.3.26 GraphicsMagick 1.3.26 has a NULL pointer dereference in the WritePCLImage() function in coders/pcl.c during writes of monochrome images. | 9.8 |
| 2017-07-26 | CVE-2017-11636 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Graphicsmagick 1.3.26 GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical widths. | 9.8 |