Vulnerabilities > Imagemagick > Imagemagick > 6.9.6.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-24 | CVE-2017-5508 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file. | 5.5 |
| 2017-03-24 | CVE-2017-5507 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache. | 7.5 |
| 2017-03-24 | CVE-2016-10145 | Numeric Errors vulnerability in Imagemagick Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy. | 9.8 |
| 2017-03-24 | CVE-2016-10144 | Improper Access Control vulnerability in Imagemagick coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check. | 9.8 |
| 2017-03-03 | CVE-2016-10065 | Improper Access Control vulnerability in multiple products The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. | 7.8 |
| 2017-03-02 | CVE-2016-10062 | 7PK - Errors vulnerability in Imagemagick The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file. | 5.5 |
| 2017-01-18 | CVE-2016-6823 | Integer Overflow or Wraparound vulnerability in Imagemagick Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write. | 7.5 |
| 2016-12-13 | CVE-2016-5841 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable. | 9.8 |
| 2016-06-10 | CVE-2016-5118 | The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename. | 9.8 |