47 matches found
EUVD-2017-3255
Malware in sbrugna...
SUSE CVE-2017-12935
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c...
CVE-2017-18230
An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadCINEONImage in coders/cineon.c, which allows attackers to cause a denial of service via a crafted file...
Design/Logic Flaw
The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 allow remote attackers to cause a denial of service magick/blob.c CloseBlob use-after-free or possibly have unspecified other impact via a crafted file, a related issue to CVE-2017-11403...
Heap overflow
ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file...
CVE-2017-17498
WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service bitstream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted file...
Heap overflow
ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file...
CVE-2017-17500
ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file...
CVE-2017-17503
ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file...
CVE-2017-17501
WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file...
CVE-2017-17498
WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service bitstream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted file...
CVE-2017-16547
The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service negative strncpy and application crash or possibly have unspecified other impact via a...
CVE-2017-16547
The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service negative strncpy and application crash or possibly have unspecified other impact via a...
CVE-2017-16545
The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service ImportIndexQuantumType invalid write and application crash or possibly have unspecified other impact via a malformed WPG ima...
CVE-2017-16545
The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service ImportIndexQuantumType invalid write and application crash or possibly have unspecified other impact via a malformed WPG ima...
CVE-2017-14997
GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service excessive memory allocation because of an integer underflow in ReadPICTImage in coders/pict.c...
CVE-2017-14994
ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted DICOM image, related to the ability of DCMReadNonNativeImages to yield an image list with zero frames...
CVE-2017-14733
ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file...
CVE-2017-14733
ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file...
CVE-2017-14314
Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service DrawDashPolygon heap-based buffer over-read and application crash via a crafted file...