Vulnerabilities > Imagemagick > Imagemagick > 7.0.6.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-08-30 | CVE-2017-13768 | NULL Pointer Dereference vulnerability in multiple products Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file. | 4.3 |
2017-08-23 | CVE-2017-13133 | Allocation of Resources Without Limits or Throttling vulnerability in Imagemagick 7.0.68 In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file. | 7.1 |
2017-08-23 | CVE-2017-13132 | Reachable Assertion vulnerability in Imagemagick 7.0.68 In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data structure in the "dump uncompressed PseudoColor packets" step, which allows attackers to cause a denial of service (assertion failure in WriteBlobStream in MagickCore/blob.c) via a crafted file. | 4.3 |
2017-08-23 | CVE-2017-13131 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.68 In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (memory consumption in NewLinkedList in MagickCore/linked-list.c) via a crafted file. | 4.3 |
2017-08-21 | CVE-2017-12983 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick 7.0.68 Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | 6.8 |