Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2005-1739

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-24 May, 2005 | 04:00
Updated At-07 Aug, 2024 | 21:59
Rejected At-
Credits

The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:24 May, 2005 | 04:00
Updated At:07 Aug, 2024 | 21:59
Rejected At:
▼CVE Numbering Authority (CNA)

The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.osvdb.org/16775
vdb-entry
x_refsource_OSVDB
http://security.gentoo.org/glsa/glsa-200505-16.xml
vendor-advisory
x_refsource_GENTOO
http://www.mandriva.com/security/advisories?name=MDKSA-2005:107
vendor-advisory
x_refsource_MANDRAKE
http://www.securityfocus.com/bid/13705
vdb-entry
x_refsource_BID
http://www.osvdb.org/16774
vdb-entry
x_refsource_OSVDB
http://www.redhat.com/support/errata/RHSA-2005-480.html
vendor-advisory
x_refsource_REDHAT
https://usn.ubuntu.com/132-1/
vendor-advisory
x_refsource_UBUNTU
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A960
vdb-entry
signature
x_refsource_OVAL
http://bugs.gentoo.org/show_bug.cgi?id=90423
x_refsource_MISC
http://secunia.com/advisories/15429
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/15446
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/15453
third-party-advisory
x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11667
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.osvdb.org/16775
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://security.gentoo.org/glsa/glsa-200505-16.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:107
Resource:
vendor-advisory
x_refsource_MANDRAKE
Hyperlink: http://www.securityfocus.com/bid/13705
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.osvdb.org/16774
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-480.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://usn.ubuntu.com/132-1/
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A960
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=90423
Resource:
x_refsource_MISC
Hyperlink: http://secunia.com/advisories/15429
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/15446
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/15453
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11667
Resource:
vdb-entry
signature
x_refsource_OVAL
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.osvdb.org/16775
vdb-entry
x_refsource_OSVDB
x_transferred
http://security.gentoo.org/glsa/glsa-200505-16.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2005:107
vendor-advisory
x_refsource_MANDRAKE
x_transferred
http://www.securityfocus.com/bid/13705
vdb-entry
x_refsource_BID
x_transferred
http://www.osvdb.org/16774
vdb-entry
x_refsource_OSVDB
x_transferred
http://www.redhat.com/support/errata/RHSA-2005-480.html
vendor-advisory
x_refsource_REDHAT
x_transferred
https://usn.ubuntu.com/132-1/
vendor-advisory
x_refsource_UBUNTU
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A960
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://bugs.gentoo.org/show_bug.cgi?id=90423
x_refsource_MISC
x_transferred
http://secunia.com/advisories/15429
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/15446
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/15453
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11667
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.osvdb.org/16775
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-200505-16.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:107
Resource:
vendor-advisory
x_refsource_MANDRAKE
x_transferred
Hyperlink: http://www.securityfocus.com/bid/13705
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.osvdb.org/16774
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-480.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://usn.ubuntu.com/132-1/
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A960
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=90423
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://secunia.com/advisories/15429
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/15446
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/15453
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11667
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:24 May, 2005 | 04:00
Updated At:03 Apr, 2025 | 01:03

The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.0
cpe:2.3:a:graphicsmagick:graphicsmagick:1.0:*:*:*:*:*:*:*
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.0.6
cpe:2.3:a:graphicsmagick:graphicsmagick:1.0.6:*:*:*:*:*:*:*
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.1
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1:*:*:*:*:*:*:*
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.1.3
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.3:*:*:*:*:*:*:*
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.1.4
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.4:*:*:*:*:*:*:*
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.1.5
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.5:*:*:*:*:*:*:*
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.1.6
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.6:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.3.3
cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.3.8
cpe:2.3:a:imagemagick:imagemagick:5.3.8:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.4.3
cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.4.4.5
cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.4.7
cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.4.8
cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.4.8.2.1.1.0
cpe:2.3:a:imagemagick:imagemagick:5.4.8.2.1.1.0:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.5.3.2.1.2.0
cpe:2.3:a:imagemagick:imagemagick:5.5.3.2.1.2.0:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.5.4
cpe:2.3:a:imagemagick:imagemagick:5.5.4:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.5.6
cpe:2.3:a:imagemagick:imagemagick:5.5.6:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.5.6.0_2003-04-09
cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_2003-04-09:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.5.7
cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0
cpe:2.3:a:imagemagick:imagemagick:6.0:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.1
cpe:2.3:a:imagemagick:imagemagick:6.0.1:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.2
cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.2.5
cpe:2.3:a:imagemagick:imagemagick:6.0.2.5:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.3
cpe:2.3:a:imagemagick:imagemagick:6.0.3:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.4
cpe:2.3:a:imagemagick:imagemagick:6.0.4:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.5
cpe:2.3:a:imagemagick:imagemagick:6.0.5:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.6
cpe:2.3:a:imagemagick:imagemagick:6.0.6:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.7
cpe:2.3:a:imagemagick:imagemagick:6.0.7:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.8
cpe:2.3:a:imagemagick:imagemagick:6.0.8:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.1
cpe:2.3:a:imagemagick:imagemagick:6.1:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.1.1.6
cpe:2.3:a:imagemagick:imagemagick:6.1.1.6:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.1.2
cpe:2.3:a:imagemagick:imagemagick:6.1.2:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.1.3
cpe:2.3:a:imagemagick:imagemagick:6.1.3:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.1.4
cpe:2.3:a:imagemagick:imagemagick:6.1.4:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.1.5
cpe:2.3:a:imagemagick:imagemagick:6.1.5:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.1.6
cpe:2.3:a:imagemagick:imagemagick:6.1.6:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.1.7
cpe:2.3:a:imagemagick:imagemagick:6.1.7:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.1.8
cpe:2.3:a:imagemagick:imagemagick:6.1.8:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2
cpe:2.3:a:imagemagick:imagemagick:6.2:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2.0.4
cpe:2.3:a:imagemagick:imagemagick:6.2.0.4:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2.0.7
cpe:2.3:a:imagemagick:imagemagick:6.2.0.7:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2.1
cpe:2.3:a:imagemagick:imagemagick:6.2.1:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2.2
cpe:2.3:a:imagemagick:imagemagick:6.2.2:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://bugs.gentoo.org/show_bug.cgi?id=90423cve@mitre.org
Exploit
http://secunia.com/advisories/15429cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/15446cve@mitre.org
N/A
http://secunia.com/advisories/15453cve@mitre.org
N/A
http://security.gentoo.org/glsa/glsa-200505-16.xmlcve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2005:107cve@mitre.org
N/A
http://www.osvdb.org/16774cve@mitre.org
N/A
http://www.osvdb.org/16775cve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2005-480.htmlcve@mitre.org
N/A
http://www.securityfocus.com/bid/13705cve@mitre.org
Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11667cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A960cve@mitre.org
N/A
https://usn.ubuntu.com/132-1/cve@mitre.org
N/A
http://bugs.gentoo.org/show_bug.cgi?id=90423af854a3a-2127-422b-91ae-364da2661108
Exploit
http://secunia.com/advisories/15429af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/15446af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/15453af854a3a-2127-422b-91ae-364da2661108
N/A
http://security.gentoo.org/glsa/glsa-200505-16.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2005:107af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.osvdb.org/16774af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.osvdb.org/16775af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2005-480.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/13705af854a3a-2127-422b-91ae-364da2661108
Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11667af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A960af854a3a-2127-422b-91ae-364da2661108
N/A
https://usn.ubuntu.com/132-1/af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=90423
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://secunia.com/advisories/15429
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/15446
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/15453
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-200505-16.xml
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:107
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.osvdb.org/16774
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.osvdb.org/16775
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-480.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/13705
Source: cve@mitre.org
Resource:
Patch
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11667
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A960
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://usn.ubuntu.com/132-1/
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=90423
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://secunia.com/advisories/15429
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/15446
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/15453
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-200505-16.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2005:107
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.osvdb.org/16774
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.osvdb.org/16775
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-480.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/13705
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11667
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A960
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://usn.ubuntu.com/132-1/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

39Records found
CVE-2017-6497
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.82% / 73.47%
||
7 Day CHG~0.00%
Published-06 Mar, 2017 | 02:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS).

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-15033
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.26% / 48.86%
||
7 Day CHG~0.00%
Published-05 Oct, 2017 | 07:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.

Action-Not Available
Vendor-n/aCanonical Ltd.ImageMagick Studio LLC
Product-ubuntu_linuximagemagickn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2017-14137
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.26% / 48.86%
||
7 Day CHG~0.00%
Published-04 Sep, 2017 | 23:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-3610
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.13% / 32.76%
||
7 Day CHG~0.00%
Published-24 Feb, 2022 | 00:00
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation fault.

Action-Not Available
Vendor-n/aRed Hat, Inc.Fedora ProjectImageMagick Studio LLC
Product-enterprise_linuxfedoraimagemagickImageMagick
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2012-1610
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-7.03% / 91.11%
||
7 Day CHG~0.00%
Published-05 Jun, 2012 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component count for certain EXIF tags in a JPEG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0259.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEImageMagick Studio LLCDebian GNU/Linux
Product-debian_linuxopensuseimagemagickubuntu_linuxn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2005-0759
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-1.50% / 80.37%
||
7 Day CHG~0.00%
Published-26 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick before 6.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image with an invalid tag.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.ImageMagick Studio LLC
Product-imagemagickpropackn/a
CVE-2005-0760
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-0.91% / 74.91%
||
7 Day CHG~0.00%
Published-26 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CVE-2005-0761
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-1.07% / 76.88%
||
7 Day CHG~0.00%
Published-26 Mar, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in ImageMagick before 6.1.8 allows remote attackers to cause a denial of service (application crash) via a crafted PSD file.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.ImageMagick Studio LLC
Product-imagemagickpropackn/a
CVE-2005-1275
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-16.48% / 94.63%
||
7 Day CHG~0.00%
Published-26 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value.

Action-Not Available
Vendor-n/aGraphicsMagickImageMagick Studio LLC
Product-imagemagickgraphicsmagickn/a
CVE-2017-14739
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.69% / 70.88%
||
7 Day CHG~0.00%
Published-26 Sep, 2017 | 02:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-12805
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.38%
||
7 Day CHG~0.00%
Published-09 May, 2019 | 15:29
Updated-05 Aug, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-7175
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.06%
||
7 Day CHG~0.00%
Published-07 Mar, 2019 | 22:00
Updated-04 Aug, 2024 | 20:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCDebian GNU/LinuxopenSUSECanonical Ltd.
Product-ubuntu_linuxdebian_linuximagemagickleapn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2017-12806
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.38%
||
7 Day CHG~0.00%
Published-09 May, 2019 | 15:11
Updated-05 Aug, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-12418
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.83%
||
7 Day CHG~0.00%
Published-04 Aug, 2017 | 00:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2017-12428
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.43% / 61.41%
||
7 Day CHG~0.00%
Published-04 Aug, 2017 | 10:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadWMFImage in coders/wmf.c, which allows attackers to cause a denial of service in CloneDrawInfo in draw.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2017-11102
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.01% / 82.96%
||
7 Day CHG~0.00%
Published-07 Jul, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (application crash) during JNG reading via a zero-length color_image data structure.

Action-Not Available
Vendor-n/aGraphicsMagick
Product-graphicsmagickn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-9839
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.67% / 70.48%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access).

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9804
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.22% / 78.27%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to "too many object."

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CVE-2016-7800
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.19% / 83.72%
||
7 Day CHG~0.00%
Published-06 Feb, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.

Action-Not Available
Vendor-n/aDebian GNU/LinuxGraphicsMagickopenSUSE
Product-debian_linuxleapgraphicsmagickopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2016-8682
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.78% / 81.96%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header.

Action-Not Available
Vendor-n/aDebian GNU/LinuxGraphicsMagickopenSUSE
Product-debian_linuxopensusegraphicsmagickn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-7997
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.15% / 77.59%
||
7 Day CHG~0.00%
Published-18 Jan, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.

Action-Not Available
Vendor-n/aGraphicsMagick
Product-graphicsmagickn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-6823
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.92% / 74.97%
||
7 Day CHG~0.00%
Published-18 Jan, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2016-7449
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.28% / 86.66%
||
7 Day CHG~0.00%
Published-06 Feb, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.

Action-Not Available
Vendor-n/aDebian GNU/LinuxGraphicsMagickopenSUSE
Product-debian_linuxleapgraphicsmagickopensusen/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-10067
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.10% / 77.09%
||
7 Day CHG~0.00%
Published-02 Mar, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-8895
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.55% / 80.68%
||
7 Day CHG~0.00%
Published-15 Mar, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2014-9848
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.11% / 83.39%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.ImageMagick Studio LLC
Product-suse_linux_enterprise_server_for_raspberry_pisuse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serverleapsuse_linux_enterprise_software_development_kitimagemagickubuntu_linuxsuse_linux_enterprise_desktopopensusen/a
CVE-2014-9849
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.60% / 80.96%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The png coder in ImageMagick allows remote attackers to cause a denial of service (crash).

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.ImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serverleapsuse_linux_enterprise_software_development_kitsuse_linux_enterprise_desktopimagemagickubuntu_linuxsuse_linux_enterprise_debuginfoopensusen/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2014-9842
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.36% / 84.30%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.ImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serverleapsuse_linux_enterprise_software_development_kitsuse_linux_enterprise_desktopimagemagickubuntu_linuxsuse_linux_enterprise_debuginfoopensusen/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2014-9850
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.60% / 80.96%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption).

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.ImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serversuse_linux_enterprise_software_development_kitleapimagemagickubuntu_linuxsuse_linux_enterprise_desktopopensusen/a
CVE-2014-9851
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.03% / 83.06%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash).

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.ImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serverleapsuse_linux_enterprise_software_development_kitsuse_linux_enterprise_desktopimagemagickubuntu_linuxsuse_linux_enterprise_debuginfoopensusen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-9854
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.72% / 81.61%
||
7 Day CHG~0.00%
Published-17 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."

Action-Not Available
Vendor-n/aCanonical Ltd.SUSEopenSUSEImageMagick Studio LLC
Product-linux_enterprise_serversuse_linux_enterprise_serverleapimagemagicklinux_enterprise_software_development_kitubuntu_linuxopensusen/a
CVE-2008-6072
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.38% / 79.52%
||
7 Day CHG~0.00%
Published-06 Feb, 2009 | 01:00
Updated-07 Aug, 2024 | 11:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allow remote attackers to cause a denial of service (crash) via unspecified vectors in (1) XCF and (2) CINEON images.

Action-Not Available
Vendor-n/aGraphicsMagick
Product-graphicsmagickn/a
CVE-2008-3134
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.62% / 81.08%
||
7 Day CHG~0.00%
Published-10 Jul, 2008 | 23:00
Updated-07 Aug, 2024 | 09:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.

Action-Not Available
Vendor-n/aGraphicsMagick
Product-graphicsmagickn/a
CWE ID-CWE-399
Not Available
CVE-2017-7619
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.48% / 64.36%
||
7 Day CHG~0.00%
Published-10 Apr, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2020-12672
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.36% / 57.21%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 02:47
Updated-04 Aug, 2024 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.

Action-Not Available
Vendor-n/aDebian GNU/LinuxGraphicsMagickopenSUSE
Product-graphicsmagickdebian_linuxbackports_sleleapn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-7398
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.06%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 00:00
Updated-04 Aug, 2024 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCDebian GNU/LinuxopenSUSECanonical Ltd.
Product-ubuntu_linuxdebian_linuximagemagickleapn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-7397
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.23% / 45.91%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 00:00
Updated-04 Aug, 2024 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCCanonical Ltd.Debian GNU/LinuxGraphicsMagickopenSUSE
Product-ubuntu_linuxdebian_linuximagemagickgraphicsmagickleapn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-7395
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.74% / 85.40%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 00:00
Updated-04 Aug, 2024 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCDebian GNU/LinuxopenSUSECanonical Ltd.
Product-ubuntu_linuxdebian_linuximagemagickleapn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-7396
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.74% / 85.40%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 00:00
Updated-04 Aug, 2024 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLCDebian GNU/LinuxopenSUSECanonical Ltd.
Product-ubuntu_linuxdebian_linuximagemagickleapn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
Details not found