Vulnerabilities > Imagemagick > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-12 | CVE-2017-14400 | NULL Pointer Dereference vulnerability in Imagemagick 7.0.71 In ImageMagick 7.0.7-1 Q16, the PersistPixelCache function in magick/cache.c mishandles the pixel cache nexus, which allows remote attackers to cause a denial of service (NULL pointer dereference in the function GetVirtualPixels in MagickCore/cache.c) via a crafted file. | 4.3 |
| 2017-09-12 | CVE-2017-14343 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file. | 4.3 |
| 2017-09-12 | CVE-2017-14342 | Resource Exhaustion vulnerability in multiple products ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file. | 4.3 |
| 2017-09-12 | CVE-2017-14326 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file. | 4.3 |
| 2017-09-12 | CVE-2017-14324 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.71 In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service via a crafted file. | 4.3 |
| 2017-09-11 | CVE-2017-14249 | Divide By Zero vulnerability in Imagemagick 7.0.68 ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in MagickCore/cache.c, allowing remote attackers to cause a denial of service via a crafted file. | 4.3 |
| 2017-09-11 | CVE-2017-14248 | Out-of-bounds Read vulnerability in Imagemagick 7.0.68 A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file. | 4.3 |
| 2017-09-09 | CVE-2017-14224 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick 7.0.68 A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service or code execution via a crafted file. | 6.8 |
| 2017-09-07 | CVE-2017-14173 | Infinite Loop vulnerability in multiple products In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a smaller value than expected. | 4.3 |
| 2017-09-04 | CVE-2017-14139 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.62 ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c. | 4.3 |