Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2007-4986

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-24 Sep, 2007 | 22:00
Updated At-07 Aug, 2024 | 15:17
Rejected At-
Credits

Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-based buffer overflow.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:24 Sep, 2007 | 22:00
Updated At:07 Aug, 2024 | 15:17
Rejected At:
▼CVE Numbering Authority (CNA)

Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-based buffer overflow.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/27364
third-party-advisory
x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/36738
vdb-entry
x_refsource_XF
http://secunia.com/advisories/29857
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0145.html
vendor-advisory
x_refsource_REDHAT
http://www.securityfocus.com/archive/1/483572/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://www.ubuntu.com/usn/usn-523-1
vendor-advisory
x_refsource_UBUNTU
http://secunia.com/advisories/27309
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/29786
third-party-advisory
x_refsource_SECUNIA
http://www.imagemagick.org/script/changelog.php
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2007/3245
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/35316
third-party-advisory
x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200710-27.xml
vendor-advisory
x_refsource_GENTOO
http://www.securitytracker.com/id?1018729
vdb-entry
x_refsource_SECTRACK
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9963
vdb-entry
signature
x_refsource_OVAL
http://secunia.com/advisories/27048
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0165.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/28721
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/27439
third-party-advisory
x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1743
x_refsource_CONFIRM
http://www.debian.org/security/2009/dsa-1858
vendor-advisory
x_refsource_DEBIAN
http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html
mailing-list
x_refsource_MLIST
http://secunia.com/advisories/26926
third-party-advisory
x_refsource_SECUNIA
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=594
third-party-advisory
x_refsource_IDEFENSE
http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035
vendor-advisory
x_refsource_MANDRIVA
http://www.securityfocus.com/bid/25763
vdb-entry
x_refsource_BID
http://bugs.gentoo.org/show_bug.cgi?id=186030
x_refsource_CONFIRM
http://www.novell.com/linux/security/advisories/2007_23_sr.html
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/36260
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/27364
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/36738
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://secunia.com/advisories/29857
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0145.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.securityfocus.com/archive/1/483572/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.ubuntu.com/usn/usn-523-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://secunia.com/advisories/27309
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/29786
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.imagemagick.org/script/changelog.php
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vupen.com/english/advisories/2007/3245
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/35316
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://security.gentoo.org/glsa/glsa-200710-27.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://www.securitytracker.com/id?1018729
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9963
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://secunia.com/advisories/27048
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0165.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/28721
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/27439
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://issues.rpath.com/browse/RPL-1743
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.debian.org/security/2009/dsa-1858
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://secunia.com/advisories/26926
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=594
Resource:
third-party-advisory
x_refsource_IDEFENSE
Hyperlink: http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://www.securityfocus.com/bid/25763
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=186030
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.novell.com/linux/security/advisories/2007_23_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/36260
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/27364
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/36738
vdb-entry
x_refsource_XF
x_transferred
http://secunia.com/advisories/29857
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2008-0145.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.securityfocus.com/archive/1/483572/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.ubuntu.com/usn/usn-523-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://secunia.com/advisories/27309
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/29786
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.imagemagick.org/script/changelog.php
x_refsource_CONFIRM
x_transferred
http://www.vupen.com/english/advisories/2007/3245
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/35316
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://security.gentoo.org/glsa/glsa-200710-27.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://www.securitytracker.com/id?1018729
vdb-entry
x_refsource_SECTRACK
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9963
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://secunia.com/advisories/27048
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2008-0165.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/28721
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/27439
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://issues.rpath.com/browse/RPL-1743
x_refsource_CONFIRM
x_transferred
http://www.debian.org/security/2009/dsa-1858
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html
mailing-list
x_refsource_MLIST
x_transferred
http://secunia.com/advisories/26926
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=594
third-party-advisory
x_refsource_IDEFENSE
x_transferred
http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://www.securityfocus.com/bid/25763
vdb-entry
x_refsource_BID
x_transferred
http://bugs.gentoo.org/show_bug.cgi?id=186030
x_refsource_CONFIRM
x_transferred
http://www.novell.com/linux/security/advisories/2007_23_sr.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/36260
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/27364
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/36738
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://secunia.com/advisories/29857
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0145.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/483572/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-523-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://secunia.com/advisories/27309
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/29786
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.imagemagick.org/script/changelog.php
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/3245
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/35316
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-200710-27.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://www.securitytracker.com/id?1018729
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9963
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://secunia.com/advisories/27048
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0165.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/28721
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/27439
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://issues.rpath.com/browse/RPL-1743
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.debian.org/security/2009/dsa-1858
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://secunia.com/advisories/26926
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=594
Resource:
third-party-advisory
x_refsource_IDEFENSE
x_transferred
Hyperlink: http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/25763
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=186030
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2007_23_sr.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/36260
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:24 Sep, 2007 | 22:17
Updated At:15 Oct, 2018 | 21:39

Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-based buffer overflow.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 6.8
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.3.3
cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.3.8
cpe:2.3:a:imagemagick:imagemagick:5.3.8:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.4.2.3
cpe:2.3:a:imagemagick:imagemagick:5.4.2.3:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.4.3
cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.4.4.5
cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.4.7
cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.4.8
cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.4.8.2_1.1.0
cpe:2.3:a:imagemagick:imagemagick:5.4.8.2_1.1.0:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.5.3_.2_1.2.0
cpe:2.3:a:imagemagick:imagemagick:5.5.3_.2_1.2.0:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.5.4
cpe:2.3:a:imagemagick:imagemagick:5.5.4:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.5.6
cpe:2.3:a:imagemagick:imagemagick:5.5.6:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.5.6.0_20030409
cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_20030409:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.5.7
cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>5.5.7.15
cpe:2.3:a:imagemagick:imagemagick:5.5.7.15:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0
cpe:2.3:a:imagemagick:imagemagick:6.0:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.1
cpe:2.3:a:imagemagick:imagemagick:6.0.1:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.2
cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.2.5
cpe:2.3:a:imagemagick:imagemagick:6.0.2.5:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.3
cpe:2.3:a:imagemagick:imagemagick:6.0.3:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.4
cpe:2.3:a:imagemagick:imagemagick:6.0.4:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.4.4
cpe:2.3:a:imagemagick:imagemagick:6.0.4.4:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.5
cpe:2.3:a:imagemagick:imagemagick:6.0.5:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.6
cpe:2.3:a:imagemagick:imagemagick:6.0.6:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.6.2
cpe:2.3:a:imagemagick:imagemagick:6.0.6.2:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.7
cpe:2.3:a:imagemagick:imagemagick:6.0.7:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.0.8
cpe:2.3:a:imagemagick:imagemagick:6.0.8:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.1
cpe:2.3:a:imagemagick:imagemagick:6.1:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.1.1
cpe:2.3:a:imagemagick:imagemagick:6.1.1:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.1.2
cpe:2.3:a:imagemagick:imagemagick:6.1.2:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.1.3
cpe:2.3:a:imagemagick:imagemagick:6.1.3:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.1.4
cpe:2.3:a:imagemagick:imagemagick:6.1.4:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.1.5
cpe:2.3:a:imagemagick:imagemagick:6.1.5:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.1.6
cpe:2.3:a:imagemagick:imagemagick:6.1.6:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.1.7
cpe:2.3:a:imagemagick:imagemagick:6.1.7:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.1.8
cpe:2.3:a:imagemagick:imagemagick:6.1.8:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2
cpe:2.3:a:imagemagick:imagemagick:6.2:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2.0.3
cpe:2.3:a:imagemagick:imagemagick:6.2.0.3:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2.0.7
cpe:2.3:a:imagemagick:imagemagick:6.2.0.7:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2.1
cpe:2.3:a:imagemagick:imagemagick:6.2.1:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2.2
cpe:2.3:a:imagemagick:imagemagick:6.2.2:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2.3
cpe:2.3:a:imagemagick:imagemagick:6.2.3:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2.3.4
cpe:2.3:a:imagemagick:imagemagick:6.2.3.4:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2.4
cpe:2.3:a:imagemagick:imagemagick:6.2.4:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2.4.3
cpe:2.3:a:imagemagick:imagemagick:6.2.4.3:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2.4.5
cpe:2.3:a:imagemagick:imagemagick:6.2.4.5:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2.5
cpe:2.3:a:imagemagick:imagemagick:6.2.5:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2.6
cpe:2.3:a:imagemagick:imagemagick:6.2.6:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2.7
cpe:2.3:a:imagemagick:imagemagick:6.2.7:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2.8
cpe:2.3:a:imagemagick:imagemagick:6.2.8:*:*:*:*:*:*:*
ImageMagick Studio LLC
imagemagick
>>imagemagick>>6.2.9
cpe:2.3:a:imagemagick:imagemagick:6.2.9:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-189Primarynvd@nist.gov
CWE ID: CWE-189
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://bugs.gentoo.org/show_bug.cgi?id=186030cve@mitre.org
N/A
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=594cve@mitre.org
N/A
http://secunia.com/advisories/26926cve@mitre.org
N/A
http://secunia.com/advisories/27048cve@mitre.org
N/A
http://secunia.com/advisories/27309cve@mitre.org
N/A
http://secunia.com/advisories/27364cve@mitre.org
N/A
http://secunia.com/advisories/27439cve@mitre.org
N/A
http://secunia.com/advisories/28721cve@mitre.org
N/A
http://secunia.com/advisories/29786cve@mitre.org
N/A
http://secunia.com/advisories/29857cve@mitre.org
N/A
http://secunia.com/advisories/35316cve@mitre.org
N/A
http://secunia.com/advisories/36260cve@mitre.org
N/A
http://security.gentoo.org/glsa/glsa-200710-27.xmlcve@mitre.org
N/A
http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.htmlcve@mitre.org
N/A
http://www.debian.org/security/2009/dsa-1858cve@mitre.org
N/A
http://www.imagemagick.org/script/changelog.phpcve@mitre.org
N/A
http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035cve@mitre.org
N/A
http://www.novell.com/linux/security/advisories/2007_23_sr.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2008-0145.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2008-0165.htmlcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/483572/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/25763cve@mitre.org
Patch
http://www.securitytracker.com/id?1018729cve@mitre.org
N/A
http://www.ubuntu.com/usn/usn-523-1cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2007/3245cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/36738cve@mitre.org
N/A
https://issues.rpath.com/browse/RPL-1743cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9963cve@mitre.org
N/A
Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=186030
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=594
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/26926
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/27048
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/27309
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/27364
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/27439
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/28721
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/29786
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/29857
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/35316
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/36260
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-200710-27.xml
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2009/dsa-1858
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.imagemagick.org/script/changelog.php
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2007_23_sr.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0145.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0165.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/483572/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/25763
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.securitytracker.com/id?1018729
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/usn-523-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/3245
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/36738
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://issues.rpath.com/browse/RPL-1743
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9963
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

173Records found
CVE-2007-1797
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-7.12% / 91.17%
||
7 Day CHG~0.00%
Published-02 Apr, 2007 | 22:00
Updated-07 Aug, 2024 | 13:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-189
Not Available
CVE-2016-5688
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-2.39% / 84.40%
||
7 Day CHG~0.00%
Published-13 Dec, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.

Action-Not Available
Vendor-n/aImageMagick Studio LLCOracle Corporation
Product-imagemagicksolarisn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-4563
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.57% / 67.67%
||
7 Day CHG-1.03%
Published-04 Jun, 2016 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-9135
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.34% / 55.83%
||
7 Day CHG~0.00%
Published-30 Mar, 2018 | 08:00
Updated-05 Aug, 2024 | 07:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-8960
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.39% / 58.91%
||
7 Day CHG~0.00%
Published-23 Mar, 2018 | 21:00
Updated-05 Aug, 2024 | 07:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read.

Action-Not Available
Vendor-n/aImageMagick Studio LLCCanonical Ltd.
Product-ubuntu_linuximagemagickn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-4562
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.57% / 67.67%
||
7 Day CHG-0.42%
Published-04 Jun, 2016 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-8804
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.41% / 60.79%
||
7 Day CHG~0.00%
Published-20 Mar, 2018 | 05:00
Updated-05 Aug, 2024 | 07:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLCCanonical Ltd.
Product-ubuntu_linuximagemagickn/a
CWE ID-CWE-415
Double Free
CVE-2018-5248
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.68% / 81.40%
||
7 Day CHG~0.00%
Published-05 Jan, 2018 | 19:00
Updated-05 Aug, 2024 | 05:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function.

Action-Not Available
Vendor-n/aImageMagick Studio LLCDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuximagemagickn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-10065
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.26% / 49.23%
||
7 Day CHG~0.00%
Published-03 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aopenSUSEImageMagick Studio LLC
Product-leapimagemagickn/a
CWE ID-CWE-284
Improper Access Control
CVE-2016-10056
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.24% / 47.32%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10051
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.34% / 55.97%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aopenSUSEImageMagick Studio LLC
Product-leapimagemagickn/a
CWE ID-CWE-416
Use After Free
CVE-2016-10052
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10054
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.34% / 56.19%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10057
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.34% / 56.19%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10059
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.39% / 58.98%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10055
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.34% / 56.19%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the WritePDBImage function in coders/pdb.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10064
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-02 Mar, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.

Action-Not Available
Vendor-n/aopenSUSEImageMagick Studio LLC
Product-leapimagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10063
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.88% / 74.40%
||
7 Day CHG~0.00%
Published-02 Mar, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to extend validity.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10050
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.

Action-Not Available
Vendor-n/aopenSUSEImageMagick Studio LLC
Product-leapimagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10049
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.36% / 57.52%
||
7 Day CHG~0.00%
Published-23 Mar, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-12599
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.31% / 53.47%
||
7 Day CHG~0.00%
Published-20 Jun, 2018 | 18:00
Updated-05 Aug, 2024 | 08:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLCDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuximagemagickn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-9828
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.50% / 64.82%
||
7 Day CHG~0.00%
Published-07 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-284
Improper Access Control
CVE-2018-12600
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.31% / 53.47%
||
7 Day CHG~0.00%
Published-20 Jun, 2018 | 18:00
Updated-05 Aug, 2024 | 08:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLCDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuximagemagickn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-9823
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.33%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9827
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.41% / 60.63%
||
7 Day CHG~0.00%
Published-07 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-284
Improper Access Control
CVE-2014-9833
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9834
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9831
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.50% / 64.82%
||
7 Day CHG~0.00%
Published-07 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-284
Improper Access Control
CVE-2014-9830
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.50% / 64.82%
||
7 Day CHG~0.00%
Published-07 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-284
Improper Access Control
CVE-2014-9819
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.33%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9822
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.33%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11625
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.19% / 41.41%
||
7 Day CHG~0.00%
Published-31 May, 2018 | 16:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLCCanonical Ltd.
Product-ubuntu_linuximagemagickn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2014-9821
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.33%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9824
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.30% / 52.47%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9817
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.33%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9820
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.33%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9825
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.30% / 52.47%
||
7 Day CHG~0.00%
Published-30 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9835
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.94%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9832
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.20% / 42.26%
||
7 Day CHG~0.00%
Published-22 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-16413
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.52% / 65.94%
||
7 Day CHG~0.00%
Published-03 Sep, 2018 | 19:00
Updated-05 Aug, 2024 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11624
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.25% / 47.86%
||
7 Day CHG~0.00%
Published-31 May, 2018 | 16:00
Updated-16 Sep, 2024 | 19:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c allows attackers to cause a use after free via a crafted file.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-imagemagickn/a
CWE ID-CWE-416
Use After Free
CVE-2014-2030
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-20.77% / 95.38%
||
7 Day CHG~0.00%
Published-06 Feb, 2020 | 14:58
Updated-06 Aug, 2024 | 09:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947.

Action-Not Available
Vendor-n/aImageMagick Studio LLCopenSUSECanonical Ltd.
Product-opensuseubuntu_linuximagemagickn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2014-1958
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.30% / 78.92%
||
7 Day CHG~0.00%
Published-06 Feb, 2020 | 14:58
Updated-06 Aug, 2024 | 09:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030.

Action-Not Available
Vendor-n/aImageMagick Studio LLCopenSUSECanonical Ltd.
Product-opensuseubuntu_linuximagemagickn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2008-1097
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-6.00% / 90.33%
||
7 Day CHG~0.00%
Published-05 Mar, 2008 | 20:00
Updated-07 Aug, 2024 | 08:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption.

Action-Not Available
Vendor-n/aImageMagick Studio LLC
Product-graphicsmagickimagemagickn/a
CWE ID-CWE-399
Not Available
CVE-2007-4988
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.99% / 82.86%
||
7 Day CHG~0.00%
Published-24 Sep, 2007 | 22:00
Updated-07 Aug, 2024 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow.

Action-Not Available
Vendor-n/aImageMagick Studio LLCCanonical Ltd.
Product-ubuntu_linuximagemagickn/a
CWE ID-CWE-681
Incorrect Conversion between Numeric Types
CVE-2022-32547
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.31%
||
7 Day CHG~0.00%
Published-16 Jun, 2022 | 00:00
Updated-03 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.

Action-Not Available
Vendor-n/aRed Hat, Inc.Fedora ProjectImageMagick Studio LLC
Product-enterprise_linuxfedoraimagemagickImageMagick
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2022-32546
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.77%
||
7 Day CHG~0.00%
Published-16 Jun, 2022 | 00:00
Updated-03 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.

Action-Not Available
Vendor-n/aRed Hat, Inc.Fedora ProjectImageMagick Studio LLC
Product-extra_packages_for_enterprise_linuxenterprise_linuxfedoraimagemagickImageMagick
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-32545
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.31%
||
7 Day CHG~0.00%
Published-16 Jun, 2022 | 00:00
Updated-03 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.

Action-Not Available
Vendor-n/aRed Hat, Inc.Fedora ProjectImageMagick Studio LLC
Product-extra_packages_for_enterprise_linuxenterprise_linuxfedoraimagemagickImageMagick
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-5510
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-7.8||HIGH
EPSS-0.26% / 49.34%
||
7 Day CHG~0.00%
Published-24 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.

Action-Not Available
Vendor-n/aDebian GNU/LinuxImageMagick Studio LLC
Product-debian_linuximagemagickn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-28463
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.27%
||
7 Day CHG~0.00%
Published-08 May, 2022 | 00:00
Updated-21 Nov, 2024 | 06:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.

Action-Not Available
Vendor-n/aDebian GNU/LinuxImageMagick Studio LLC
Product-debian_linuximagemagickn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found