Vulnerabilities > Imagemagick > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-23 | CVE-2017-11533 | Out-of-bounds Read vulnerability in Imagemagick 7.0.61 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage() function in coders/uil.c. | 4.3 |
| 2017-07-23 | CVE-2017-11532 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.61 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c. | 4.3 |
| 2017-07-23 | CVE-2017-11531 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.61 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteHISTOGRAMImage() function in coders/histogram.c. | 4.3 |
| 2017-07-23 | CVE-2017-11529 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file. | 4.3 |
| 2017-07-23 | CVE-2017-11528 | Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file. | 4.3 |
| 2017-07-23 | CVE-2017-11524 | Reachable Assertion vulnerability in Imagemagick The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file. | 4.3 |
| 2017-07-22 | CVE-2017-11522 | NULL Pointer Dereference vulnerability in Imagemagick The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | 4.3 |
| 2017-07-19 | CVE-2017-11450 | Improper Input Validation vulnerability in Imagemagick coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short. | 6.8 |
| 2017-07-19 | CVE-2017-11449 | Improper Input Validation vulnerability in Imagemagick coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin. | 6.8 |
| 2017-07-19 | CVE-2017-11448 | Information Exposure vulnerability in Imagemagick The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file. | 4.3 |