Vulnerabilities > Imagemagick > Imagemagick > 6.9.7.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-22 | CVE-2017-11523 | Infinite Loop vulnerability in Imagemagick The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered. | 7.1 |
| 2017-07-22 | CVE-2017-11522 | NULL Pointer Dereference vulnerability in Imagemagick The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | 4.3 |
| 2017-07-21 | CVE-2017-11505 | Excessive Iteration vulnerability in Imagemagick The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file. | 7.1 |
| 2017-07-20 | CVE-2017-11478 | Infinite Loop vulnerability in Imagemagick The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image. | 7.1 |
| 2017-07-19 | CVE-2017-11450 | Improper Input Validation vulnerability in Imagemagick coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short. | 6.8 |
| 2017-07-19 | CVE-2017-11449 | Improper Input Validation vulnerability in Imagemagick coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin. | 6.8 |
| 2017-07-19 | CVE-2017-11448 | Information Exposure vulnerability in Imagemagick The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. | 4.3 |
| 2017-07-19 | CVE-2017-11447 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service. | 4.3 |
| 2017-07-17 | CVE-2017-11352 | In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. | 4.3 |
| 2017-05-19 | CVE-2017-9098 | Use of Uninitialized Resource vulnerability in multiple products ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. | 5.0 |