Vulnerabilities > Imagemagick > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-09-24 | CVE-2007-4986 | Numeric Errors vulnerability in Imagemagick Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-based buffer overflow. | 6.8 |
| 2007-09-24 | CVE-2007-4985 | Resource Management Errors vulnerability in Imagemagick ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls. | 4.3 |
| 2007-04-02 | CVE-2007-1797 | Numeric Errors vulnerability in Imagemagick Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667. | 6.8 |
| 2006-10-23 | CVE-2006-5456 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. | 5.1 |
| 2006-08-25 | CVE-2006-3744 | Numeric Errors vulnerability in Imagemagick Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows. | 5.1 |
| 2006-08-25 | CVE-2006-3743 | Buffer Overflow vulnerability in ImageMagick XCF Image File Remote Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images. | 5.1 |
| 2006-01-04 | CVE-2006-0082 | USE of Externally-Controlled Format String vulnerability in Imagemagick 6.2.3 Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program. | 5.1 |
| 2005-05-24 | CVE-2005-1739 | Denial Of Service vulnerability in ImageMagick And GraphicsMagick XWD Decoder The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask. | 5.0 |
| 2005-05-02 | CVE-2005-0760 | Unspecified vulnerability in Imagemagick The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file. | 5.0 |
| 2005-04-25 | CVE-2005-1275 | Remote Buffer Overflow vulnerability in ImageMagick PNM Image Decoding Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value. | 5.0 |