Linux Distros Unpatched Vulnerability : CVE-2017-17499

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp. CVE-2017-17499 Note that Nessus relie...

Privilege escalation

ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service...

CVE-2017-17881

In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted MAT image file...

ImageMagick memory leak vulnerability (CNVD-2018-00094)

ImageMagick is a software for creating, editing, and compositing images that can read, convert, and write images in many formats. A memory leak vulnerability exists in the ReadMATImage function in coders/mat.c in ImageMagick version 7.0.7-12 Q16. An attacker can exploit this vulnerability to caus...

ImageMagick memory leak vulnerability (CNVD-2018-00098)

ImageMagick is a software for creating, editing, and compositing images that can read, convert, and write images in many formats. A memory leak vulnerability exists in the ReadPICTImage function in coders/pict.c in ImageMagick version 7.0.7-12 Q16. An attacker can exploit this vulnerability to...

CVE-2017-17883

ImageMagick 7.0.7-12 Q16 is affected by a memory-leak vulnerability in ReadPGXImage (coders/pgx.c) that can cause denial of service via a crafted PGX image file. The issue is documented across multiple sources (SUSE, Red Hat, Ubuntu and OSV/NVD mirrors). No public exploitation details or remediat...

CVE-2017-17882

Technical details (affected versions, root cause, exploit information, and patch status) for CVE-2017-17882 are not provided in the connected documents. Monitor for updates.

CVE-2017-17886

ImageMagick 7.0.7-12 Q16 (ReadPSDChannelZip in coders/psd.c) contains a memory-leak vulnerability that can be exploited to cause a denial of service via a crafted PSD image. The description explicitly ties this CVE-2017-17886 to a PSD parsing path in ReadPSDChannelZip, leading to resource exhaust...

CVE-2017-17682

In ImageMagick 7.0.7-12 Q16, a large loop vulnerability was found in the function ExtractPostscript in coders/wpg.c, which allows attackers to cause a denial of service CPU exhaustion via a crafted wpg image file that triggers a ReadWPGImage call...

Code injection

In ImageMagick 7.0.7-12 Q16, an infinite loop vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service CPU exhaustion via a crafted psd image file...

CVE-2017-17680

CVE-2017-17680 affects ImageMagick 7.0.7-12 Q16; memory leak in ReadXPMImage (coders/xpm.c) can cause denial of service via a crafted XPM image. No exploitation details or patched version are provided in the supplied documents; remediation not specified.

CVE-2017-17504

CVE-2017-17504 affects ImageMagick prior to 7.0.7-12. The vulnerability is a heap-based buffer over-read in the PNG coder (png.c: Magick_png_read_raw_profile), triggered by a crafted file, related to ReadOneMNGImage. Exploitation could allow memory access beyond bounds when processing a malicious...