Vulnerabilities > Imagemagick > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-10 | CVE-2017-11166 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.56 The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file. | 6.5 |
| 2017-07-10 | CVE-2017-11141 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.56 The ReadMATImage function in coders\mat.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted MAT file, related to incorrect ordering of a SetImageExtent call. | 6.5 |
| 2017-07-07 | CVE-2017-10995 | Out-of-bounds Read vulnerability in Imagemagick 7.0.60 The mng_get_long function in coders/png.c in ImageMagick 7.0.6-0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted MNG image. | 5.5 |
| 2017-06-07 | CVE-2017-9501 | Reachable Assertion vulnerability in Imagemagick 7.0.57 In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file. | 6.5 |
| 2017-06-07 | CVE-2017-9500 | Reachable Assertion vulnerability in Imagemagick 7.0.58 In ImageMagick 7.0.5-8 Q16, an assertion failure was found in the function ResetImageProfileIterator, which allows attackers to cause a denial of service via a crafted file. | 6.5 |
| 2017-06-07 | CVE-2017-9499 | Reachable Assertion vulnerability in Imagemagick 7.0.57 In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file. | 6.5 |
| 2017-06-05 | CVE-2017-9440 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.55 In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file. | 6.5 |
| 2017-06-05 | CVE-2017-9439 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.55 In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file. | 6.5 |
| 2017-06-02 | CVE-2017-9409 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.55 In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file. | 6.5 |
| 2017-06-02 | CVE-2017-9407 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.55 In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file. | 6.5 |