Vulnerabilities > Imagemagick > Imagemagick > 6.9.9.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-08-30 | CVE-2017-13769 | Out-of-bounds Read vulnerability in multiple products The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file. | 4.3 |
2017-08-30 | CVE-2017-13768 | NULL Pointer Dereference vulnerability in multiple products Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file. | 4.3 |
2017-08-28 | CVE-2017-12877 | Use After Free vulnerability in multiple products Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file. | 4.3 |
2017-08-24 | CVE-2017-13658 | Reachable Assertion vulnerability in Imagemagick In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c. | 4.3 |
2017-08-23 | CVE-2017-13141 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c. | 4.3 |
2017-08-04 | CVE-2017-12427 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a denial of service (memory leak) via a crafted file, related to the WriteMSLImage function. | 4.3 |
2017-07-25 | CVE-2016-7539 | Resource Management Errors vulnerability in Imagemagick Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. | 7.8 |
2017-07-19 | CVE-2017-11450 | Improper Input Validation vulnerability in Imagemagick coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short. | 6.8 |
2017-07-19 | CVE-2017-11449 | Improper Input Validation vulnerability in Imagemagick coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin. | 6.8 |
2017-07-19 | CVE-2017-11447 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service. | 4.3 |