Vulnerabilities > Imagemagick

DATE CVE VULNERABILITY TITLE RISK
2017-12-27 CVE-2017-17886 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service via a crafted psd image file.
network
low complexity
imagemagick canonical CWE-772
6.5
6.5
2017-12-27 CVE-2017-17885 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file.
network
low complexity
imagemagick canonical CWE-772
6.5
6.5
2017-12-27 CVE-2017-17884 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file.
network
low complexity
imagemagick canonical CWE-772
6.5
6.5
2017-12-27 CVE-2017-17883 Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.712
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPGXImage in coders/pgx.c, which allows attackers to cause a denial of service via a crafted PGX image file.
network
low complexity
imagemagick CWE-772
6.5
6.5
2017-12-27 CVE-2017-17882 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted XPM image file.
network
low complexity
imagemagick canonical CWE-772
6.5
6.5
2017-12-27 CVE-2017-17881 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted MAT image file.
network
low complexity
imagemagick canonical CWE-772
6.5
6.5
2017-12-27 CVE-2017-17880 Out-of-bounds Read vulnerability in Imagemagick 7.0.716
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBP_DECODER_ABI_VERSION check.
network
low complexity
imagemagick CWE-125
8.8
8.8
2017-12-27 CVE-2017-17879 Out-of-bounds Read vulnerability in multiple products
In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based buffer over-read in ReadOneMNGImage in coders/png.c, related to length calculation and caused by an off-by-one error.
network
low complexity
imagemagick debian canonical CWE-125
8.8
8.8
2017-12-14 CVE-2017-17682 Resource Exhaustion vulnerability in multiple products
In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted wpg image file that triggers a ReadWPGImage call.
network
low complexity
imagemagick debian canonical CWE-400
6.5
6.5
2017-12-14 CVE-2017-17681 Infinite Loop vulnerability in multiple products
In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted psd image file.
network
low complexity
imagemagick canonical CWE-835
6.5
6.5