6.9.7

DATE	CVE	VULNERABILITY TITLE	RISK
2017-03-24	CVE-2017-5508	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file. network imagemagick CWE-119	4.3
2017-03-24	CVE-2017-5507	Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache. network low complexity imagemagick debian CWE-772	7.8
2017-03-06	CVE-2017-6502	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick 6.9.7 An issue was discovered in ImageMagick 6.9.7. network imagemagick CWE-119	4.3
2017-03-06	CVE-2017-6501	NULL Pointer Dereference vulnerability in Imagemagick 6.9.7 An issue was discovered in ImageMagick 6.9.7. network imagemagick CWE-476	4.3
2017-03-06	CVE-2017-6500	Out-of-bounds Read vulnerability in multiple products An issue was discovered in ImageMagick 6.9.7. network imagemagick debian CWE-125	4.3
2017-03-06	CVE-2017-6499	Missing Release of Resource after Effective Lifetime vulnerability in multiple products An issue was discovered in Magick++ in ImageMagick 6.9.7. network imagemagick debian CWE-772	4.3
2017-03-06	CVE-2017-6498	Improper Input Validation vulnerability in multiple products An issue was discovered in ImageMagick 6.9.7. network imagemagick debian CWE-20	4.3
2017-03-06	CVE-2017-6497	NULL Pointer Dereference vulnerability in Imagemagick 6.9.7 An issue was discovered in ImageMagick 6.9.7. network low complexity imagemagick CWE-476	5.0
2017-03-03	CVE-2016-10065	Improper Access Control vulnerability in Imagemagick The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. network imagemagick opensuse CWE-284	6.8
2017-02-15	CVE-2016-8677	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure. network imagemagick opensuse debian CWE-119	6.8