Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2006-5456

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-23 Oct, 2006 | 17:00
Updated At-07 Aug, 2024 | 19:48
Rejected At-
Credits

Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:23 Oct, 2006 | 17:00
Updated At:07 Aug, 2024 | 19:48
Rejected At:
▼CVE Numbering Authority (CNA)

Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/24196
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/4170
vdb-entry
x_refsource_VUPEN
http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9
x_refsource_CONFIRM
http://secunia.com/advisories/22572
third-party-advisory
x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200611-07.xml
vendor-advisory
x_refsource_GENTOO
http://secunia.com/advisories/22601
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/24458
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/452718/100/100/threaded
mailing-list
x_refsource_BUGTRAQ
http://secunia.com/advisories/22834
third-party-advisory
x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765
vdb-entry
signature
x_refsource_OVAL
https://exchange.xforce.ibmcloud.com/vulnerabilities/29816
vdb-entry
x_refsource_XF
http://secunia.com/advisories/23090
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/24284
third-party-advisory
x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1034
x_refsource_CONFIRM
http://www.novell.com/linux/security/advisories/2006_66_imagemagick.html
vendor-advisory
x_refsource_SUSE
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.352092
vendor-advisory
x_refsource_SLACKWARE
http://secunia.com/advisories/22819
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/22604
third-party-advisory
x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2007_3_sr.html
vendor-advisory
x_refsource_SUSE
http://www.ubuntu.com/usn/usn-422-1
vendor-advisory
x_refsource_UBUNTU
http://www.securityfocus.com/archive/1/459507/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://security.gentoo.org/glsa/glsa-200611-19.xml
vendor-advisory
x_refsource_GENTOO
http://www.securityfocus.com/bid/20707
vdb-entry
x_refsource_BID
http://secunia.com/advisories/23121
third-party-advisory
x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-811
x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2007-0015.html
vendor-advisory
x_refsource_REDHAT
http://www.vupen.com/english/advisories/2006/4171
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/22998
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/24186
third-party-advisory
x_refsource_SECUNIA
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
vendor-advisory
x_refsource_SGI
http://www.debian.org/security/2006/dsa-1213
vendor-advisory
x_refsource_DEBIAN
http://www.osvdb.org/29990
vdb-entry
x_refsource_OSVDB
http://www.ubuntu.com/usn/usn-372-1
vendor-advisory
x_refsource_UBUNTU
http://secunia.com/advisories/22569
third-party-advisory
x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:193
vendor-advisory
x_refsource_MANDRIVA
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921
x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDKSA-2007:041
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://secunia.com/advisories/24196
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2006/4170
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/22572
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://security.gentoo.org/glsa/glsa-200611-07.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://secunia.com/advisories/22601
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/24458
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/archive/1/452718/100/100/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://secunia.com/advisories/22834
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/29816
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://secunia.com/advisories/23090
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/24284
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://issues.rpath.com/browse/RPL-1034
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.novell.com/linux/security/advisories/2006_66_imagemagick.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.352092
Resource:
vendor-advisory
x_refsource_SLACKWARE
Hyperlink: http://secunia.com/advisories/22819
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/22604
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.novell.com/linux/security/advisories/2007_3_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.ubuntu.com/usn/usn-422-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.securityfocus.com/archive/1/459507/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://security.gentoo.org/glsa/glsa-200611-19.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://www.securityfocus.com/bid/20707
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/23121
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://issues.rpath.com/browse/RPL-811
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0015.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.vupen.com/english/advisories/2006/4171
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/22998
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/24186
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
Resource:
vendor-advisory
x_refsource_SGI
Hyperlink: http://www.debian.org/security/2006/dsa-1213
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.osvdb.org/29990
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www.ubuntu.com/usn/usn-372-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://secunia.com/advisories/22569
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:193
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:041
Resource:
vendor-advisory
x_refsource_MANDRIVA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/24196
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2006/4170
vdb-entry
x_refsource_VUPEN
x_transferred
http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/22572
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://security.gentoo.org/glsa/glsa-200611-07.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://secunia.com/advisories/22601
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/24458
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/archive/1/452718/100/100/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://secunia.com/advisories/22834
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765
vdb-entry
signature
x_refsource_OVAL
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/29816
vdb-entry
x_refsource_XF
x_transferred
http://secunia.com/advisories/23090
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/24284
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://issues.rpath.com/browse/RPL-1034
x_refsource_CONFIRM
x_transferred
http://www.novell.com/linux/security/advisories/2006_66_imagemagick.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.352092
vendor-advisory
x_refsource_SLACKWARE
x_transferred
http://secunia.com/advisories/22819
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/22604
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.novell.com/linux/security/advisories/2007_3_sr.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.ubuntu.com/usn/usn-422-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.securityfocus.com/archive/1/459507/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://security.gentoo.org/glsa/glsa-200611-19.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://www.securityfocus.com/bid/20707
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/23121
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://issues.rpath.com/browse/RPL-811
x_refsource_CONFIRM
x_transferred
http://www.redhat.com/support/errata/RHSA-2007-0015.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.vupen.com/english/advisories/2006/4171
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/22998
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/24186
third-party-advisory
x_refsource_SECUNIA
x_transferred
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
vendor-advisory
x_refsource_SGI
x_transferred
http://www.debian.org/security/2006/dsa-1213
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.osvdb.org/29990
vdb-entry
x_refsource_OSVDB
x_transferred
http://www.ubuntu.com/usn/usn-372-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://secunia.com/advisories/22569
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2006:193
vendor-advisory
x_refsource_MANDRIVA
x_transferred
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921
x_refsource_CONFIRM
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2007:041
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://secunia.com/advisories/24196
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/4170
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/22572
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-200611-07.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://secunia.com/advisories/22601
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/24458
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/452718/100/100/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://secunia.com/advisories/22834
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/29816
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://secunia.com/advisories/23090
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/24284
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://issues.rpath.com/browse/RPL-1034
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2006_66_imagemagick.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.352092
Resource:
vendor-advisory
x_refsource_SLACKWARE
x_transferred
Hyperlink: http://secunia.com/advisories/22819
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/22604
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2007_3_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-422-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/459507/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-200611-19.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://www.securityfocus.com/bid/20707
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/23121
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://issues.rpath.com/browse/RPL-811
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0015.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/4171
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/22998
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/24186
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
Resource:
vendor-advisory
x_refsource_SGI
x_transferred
Hyperlink: http://www.debian.org/security/2006/dsa-1213
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.osvdb.org/29990
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-372-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://secunia.com/advisories/22569
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:193
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:041
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:23 Oct, 2006 | 17:07
Updated At:17 Oct, 2018 | 21:43

Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.1MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 5.1
Base severity: MEDIUM
Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P
CPE Matches
GraphicsMagick
graphicsmagick
>>graphicsmagick>>Versions up to 1.1.6(inclusive)
cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.0
cpe:2.3:a:graphicsmagick:graphicsmagick:1.0:*:*:*:*:*:*:*
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.0.6
cpe:2.3:a:graphicsmagick:graphicsmagick:1.0.6:*:*:*:*:*:*:*
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.1
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1:*:*:*:*:*:*:*
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.1.3
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.3:*:*:*:*:*:*:*
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.1.4
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.4:*:*:*:*:*:*:*
GraphicsMagick
graphicsmagick
>>graphicsmagick>>1.1.5
cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.5:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.7
cpe:2.3:a:imagemagick:imagemagick:6.0.7:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

This vulnerability is addressed in the following product release: GraphicsMagick, GraphicsMagick, 1.1.7 Unable to identify a patch for ImageMagick.

Vendor Statements
Organization : Red Hat
Last Modified : 2007-03-14T00:00:00

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

References
HyperlinkSourceResource
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.ascsecalert@redhat.com
N/A
http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9secalert@redhat.com
N/A
http://secunia.com/advisories/22569secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/22572secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/22601secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/22604secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/22819secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/22834secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/22998secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/23090secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/23121secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/24186secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/24196secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/24284secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/24458secalert@redhat.com
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200611-07.xmlsecalert@redhat.com
N/A
http://security.gentoo.org/glsa/glsa-200611-19.xmlsecalert@redhat.com
N/A
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.352092secalert@redhat.com
N/A
http://www.debian.org/security/2006/dsa-1213secalert@redhat.com
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:193secalert@redhat.com
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2007:041secalert@redhat.com
N/A
http://www.novell.com/linux/security/advisories/2006_66_imagemagick.htmlsecalert@redhat.com
N/A
http://www.novell.com/linux/security/advisories/2007_3_sr.htmlsecalert@redhat.com
N/A
http://www.osvdb.org/29990secalert@redhat.com
N/A
http://www.redhat.com/support/errata/RHSA-2007-0015.htmlsecalert@redhat.com
Vendor Advisory
http://www.securityfocus.com/archive/1/452718/100/100/threadedsecalert@redhat.com
N/A
http://www.securityfocus.com/archive/1/459507/100/0/threadedsecalert@redhat.com
N/A
http://www.securityfocus.com/bid/20707secalert@redhat.com
N/A
http://www.ubuntu.com/usn/usn-372-1secalert@redhat.com
N/A
http://www.ubuntu.com/usn/usn-422-1secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2006/4170secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2006/4171secalert@redhat.com
Vendor Advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921secalert@redhat.com
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/29816secalert@redhat.com
N/A
https://issues.rpath.com/browse/RPL-1034secalert@redhat.com
N/A
https://issues.rpath.com/browse/RPL-811secalert@redhat.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765secalert@redhat.com
N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://packages.debian.org/changelogs/pool/main/g/graphicsmagick/graphicsmagick_1.1.7-9/changelog#versionversion1.1.7-9
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/22569
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22572
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22601
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22604
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22819
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22834
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22998
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/23090
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/23121
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/24186
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/24196
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/24284
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/24458
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-200611-07.xml
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-200611-19.xml
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.352092
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.debian.org/security/2006/dsa-1213
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:193
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:041
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2006_66_imagemagick.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2007_3_sr.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.osvdb.org/29990
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0015.html
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/archive/1/452718/100/100/threaded
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/459507/100/0/threaded
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/20707
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/usn-372-1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/usn-422-1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/4170
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2006/4171
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210921
Source: secalert@redhat.com
Resource:
Patch
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/29816
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://issues.rpath.com/browse/RPL-1034
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://issues.rpath.com/browse/RPL-811
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9765
Source: secalert@redhat.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

153Records found
CVE-2006-3743
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.1||MEDIUM
EPSS-2.09% / 83.30%
||
7 Day CHG~0.00%
Published-25 Aug, 2006 | 01:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CVE-2006-3744
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.1||MEDIUM
EPSS-2.06% / 83.17%
||
7 Day CHG~0.00%
Published-25 Aug, 2006 | 01:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CVE-2006-0082
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-5.1||MEDIUM
EPSS-3.88% / 87.78%
||
7 Day CHG~0.00%
Published-04 Jan, 2006 | 23:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-134
Use of Externally-Controlled Format String
CVE-2004-0802
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-6.29% / 90.56%
||
7 Day CHG~0.00%
Published-24 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.

Action-Not Available
Vendor-enlightenmentconectivaturbolinuxn/aUbuntuImageMagick Studio LLCSUSERed Hat, Inc.Sun Microsystems (Oracle Corporation)Mandriva (Mandrakesoft)
Product-imlibubuntu_linuxturbolinux_desktopjava_desktop_systemturbolinux_workstationimagemagicklinuxlinux_advanced_workstationmandrake_linux_corporate_serverturbolinux_serverenterprise_linux_desktopsuse_linuxfedora_coreenterprise_linuximlib2mandrake_linuxn/a
CVE-2017-17783
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.46% / 63.07%
||
7 Day CHG~0.00%
Published-20 Dec, 2017 | 09:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In GraphicsMagick 1.3.27a, there is a buffer over-read in ReadPALMImage in coders/palm.c when QuantumDepth is 8.

Action-Not Available
Vendor-n/aDebian GNU/LinuxGraphicsMagick
Product-debian_linuxgraphicsmagickn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-5688
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-2.39% / 84.40%
||
7 Day CHG~0.00%
Published-13 Dec, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.

Action-Not Available
Vendor-n/aImageMagick Studio LLCOracle Corporation
Product-imagemagicksolarisn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-4563
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.57% / 67.67%
||
7 Day CHG-1.03%
Published-04 Jun, 2016 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-2317
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.26% / 49.23%
||
7 Day CHG~0.00%
Published-03 Feb, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function in coders/svg.c.

Action-Not Available
Vendor-n/aDebian GNU/LinuxGraphicsMagickSUSEopenSUSE
Product-graphicsmagickleapstudio_onsitedebian_linuxlinux_enterprise_debuginfolinux_enterprise_software_development_kitopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-4562
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.57% / 67.67%
||
7 Day CHG-0.42%
Published-04 Jun, 2016 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-6876
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.34% / 55.81%
||
7 Day CHG~0.00%
Published-09 Feb, 2018 | 18:00
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image.

Action-Not Available
Vendor-libfpx_projectn/aImageMagick Studio LLC
Product-libfpximagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-6799
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.78% / 72.66%
||
7 Day CHG-0.04%
Published-07 Feb, 2018 | 05:00
Updated-05 Aug, 2024 | 06:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used.

Action-Not Available
Vendor-n/aDebian GNU/LinuxGraphicsMagick
Product-debian_linuxgraphicsmagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-7470
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.27% / 50.04%
||
7 Day CHG~0.00%
Published-25 Feb, 2018 | 07:00
Updated-05 Aug, 2024 | 06:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service (segmentation violation) via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10056
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.24% / 47.32%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10052
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10054
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.34% / 56.19%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10057
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.34% / 56.19%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10059
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.39% / 58.98%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10055
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.34% / 56.19%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the WritePDBImage function in coders/pdb.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10067
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.10% / 77.09%
||
7 Day CHG~0.00%
Published-02 Mar, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10064
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-02 Mar, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aopenSUSEImageMagick Studio LLC
Product-leapimagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10063
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.88% / 74.40%
||
7 Day CHG~0.00%
Published-02 Mar, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to extend validity.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10046
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.40% / 59.79%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10050
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.

Action-Not Available
Vendor-n/aopenSUSEImageMagick Studio LLC
Product-leapimagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10049
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.36% / 57.52%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-8957
Matching Score-6
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-6
Assigner-Debian GNU/Linux
CVSS Score-6.5||MEDIUM
EPSS-0.67% / 70.34%
||
7 Day CHG~0.00%
Published-20 Apr, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-8808
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.53% / 66.25%
||
7 Day CHG~0.00%
Published-13 Jul, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.

Action-Not Available
Vendor-n/aFedora ProjectGraphicsMagickSUSE
Product-studio_onsitefedoragraphicsmagicklinux_enterprise_debuginfolinux_enterprise_software_development_kitn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9847
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.46% / 87.07%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.ImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serverleapsuse_linux_enterprise_software_development_kitstudio_onsitesuse_linux_enterprise_desktopimagemagickubuntu_linuxsuse_linux_enterprise_debuginfoopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-6070
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-3.36% / 86.83%
||
7 Day CHG~0.00%
Published-06 Feb, 2009 | 01:00
Updated-07 Aug, 2024 | 11:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PALM image, a different vulnerability than CVE-2007-0770. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aGraphicsMagick
Product-graphicsmagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-6071
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-6.08% / 90.39%
||
7 Day CHG~0.00%
Published-06 Feb, 2009 | 01:00
Updated-07 Aug, 2024 | 11:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aGraphicsMagick
Product-graphicsmagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9823
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.33%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9839
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.67% / 70.47%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access).

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9833
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9834
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9819
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.33%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9845
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.42% / 60.92%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.

Action-Not Available
Vendor-n/aCanonical Ltd.SUSEopenSUSEImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serverleapsuse_linux_enterprise_software_development_kitstudio_onsitesuse_linux_enterprise_desktopimagemagickubuntu_linuxsuse_linux_enterprise_debuginfoopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9822
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.33%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9836
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.39% / 59.00%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9840
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.39% / 59.00%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9821
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.33%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9824
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.30% / 52.47%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9843
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.09% / 77.00%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors.

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.ImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serversuse_linux_enterprise_software_development_kitleapimagemagickubuntu_linuxsuse_linux_enterprise_desktopopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9817
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.33%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9820
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.33%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9825
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.30% / 52.47%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9846
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.59% / 85.00%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.

Action-Not Available
Vendor-n/aCanonical Ltd.SUSEopenSUSEImageMagick Studio LLC
Product-suse_linux_enterprise_workstation_extensionsuse_linux_enterprise_serverleapsuse_linux_enterprise_software_development_kitstudio_onsitesuse_linux_enterprise_desktopimagemagickubuntu_linuxsuse_linux_enterprise_debuginfoopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9835
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9832
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.20% / 42.26%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-7275
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.19% / 40.77%
||
7 Day CHG~0.00%
Published-27 Mar, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-6502
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.15% / 36.34%
||
7 Day CHG~0.00%
Published-06 Mar, 2017 | 02:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS).

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-16669
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.13% / 77.44%
||
7 Day CHG~0.00%
Published-09 Nov, 2017 | 00:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c.

Action-Not Available
Vendor-n/aDebian GNU/LinuxGraphicsMagick
Product-debian_linuxgraphicsmagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found