Vulnerabilities > Imagemagick
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-19 | CVE-2017-11446 | Infinite Loop vulnerability in Imagemagick 7.0.61 The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an infinite loop vulnerability that can cause CPU exhaustion via a crafted PES file. | 6.5 |
| 2017-07-17 | CVE-2017-11360 | Excessive Iteration vulnerability in Imagemagick 7.0.61 The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability via a crafted rle file that triggers a huge number_pixels value. | 6.5 |
| 2017-07-17 | CVE-2017-11352 | In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. | 6.5 |
| 2017-07-13 | CVE-2017-11310 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.61 The read_user_chunk_callback function in coders\png.c in ImageMagick 7.0.6-1 Q16 2017-06-21 (beta) has memory leak vulnerabilities via crafted PNG files. | 8.8 |
| 2017-07-12 | CVE-2017-11188 | Excessive Iteration vulnerability in Imagemagick 7.0.60 The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check. | 7.5 |
| 2017-07-11 | CVE-2017-11170 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.56 The ReadTGAImage function in coders\tga.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via invalid colors data in the header of a TGA or VST file. | 8.8 |
| 2017-07-10 | CVE-2017-11166 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.56 The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file. | 6.5 |
| 2017-07-10 | CVE-2017-11141 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.56 The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call. | 6.5 |
| 2017-07-07 | CVE-2017-10995 | Out-of-bounds Read vulnerability in Imagemagick 7.0.60 The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image. | 5.5 |
| 2017-07-05 | CVE-2017-10928 | Out-of-bounds Read vulnerability in Imagemagick 7.0.60 In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c. | 8.8 |