openSUSE Security Update : ImageMagick (openSUSE-2017-14)

This update for ImageMagick fixes the following issues : - CVE-2016-9556 Possible Heap-overflow found by fuzzing bsc1011130 - CVE-2016-9559 Possible NULL pointer access found by fuzzing bsc1011136 - CVE-2016-8707 Possible code execution in Tiff conver utility bsc1014159 - CVE-2016-8866 Memory...

SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2016:2952-1)

This update for ImageMagick fixes the following issues : - Memory allocation failure in AcquireMagickMemory CVE-2016-8862 bsc1007245 - update incomplete patch of CVE-2016-6823 bsc1001066 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE securi...

CVE-2016-8866

The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862...

CVE-2016-8862

The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure...

UBUNTU-CVE-2016-8862

The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure...

ImageMagick and GraphicsMagick -- DoS via specially crafted PNG file

Kurt Seifried reports: There is an issue in ImageMagick that is also present in GraphicsMagick. CVE-2011-3026 deals with libpng memory allocation, and limitations have been added so that a bad PNG can't cause the system to allocate a lot of memory and a denial of service. However on further...