Vulnerabilities > Imagemagick

DATE CVE VULNERABILITY TITLE RISK
2017-07-29 CVE-2017-11724 Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick
The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9-3 and 7.x through 7.0.6-3 has memory leaks involving the quantum_info and clone_info data structures.
network
low complexity
imagemagick CWE-772
6.5
6.5
2017-07-26 CVE-2017-11644 Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.61
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadMATImage() function in coders/mat.c.
network
low complexity
imagemagick CWE-772
6.5
6.5
2017-07-26 CVE-2017-11640 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick 7.0.61
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to an address access exception in the WritePTIFImage() function in coders/tiff.c.
network
low complexity
imagemagick CWE-119
6.5
6.5
2017-07-26 CVE-2017-11639 Out-of-bounds Read vulnerability in Imagemagick 7.0.61
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c, related to the GetPixelLuma function in MagickCore/pixel-accessor.h.
network
low complexity
imagemagick CWE-125
6.5
6.5
2017-07-25 CVE-2016-7539 Resource Management Errors vulnerability in Imagemagick
Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
network
low complexity
imagemagick CWE-399
7.5
7.5
2017-07-23 CVE-2017-11540 Out-of-bounds Read vulnerability in Imagemagick 7.0.61
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c.
network
low complexity
imagemagick CWE-125
6.5
6.5
2017-07-23 CVE-2017-11539 Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.61
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage() function in coders/png.c.
network
low complexity
imagemagick CWE-772
6.5
6.5
2017-07-23 CVE-2017-11538 Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.61
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteOnePNGImage() function in coders/png.c.
network
low complexity
imagemagick CWE-772
6.5
6.5
2017-07-23 CVE-2017-11537 Incorrect Calculation vulnerability in Imagemagick 7.0.61
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point Exception (FPE) in the WritePALMImage() function in coders/palm.c, related to an incorrect bits-per-pixel calculation.
network
low complexity
imagemagick CWE-682
6.5
6.5
2017-07-23 CVE-2017-11536 Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.61
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteJP2Image() function in coders/jp2.c.
network
low complexity
imagemagick CWE-772
6.5
6.5