4 matches found
DEBIAN-CVE-2020-25665
The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory in routine WritePALMImage because it needs to be offset by 256. This can cause a out-of-bounds read later on in the routine. The patch adds 256 to bytesperrow in the call to AcquireQuantumMemory. This could cause...
CVE-2020-25665
The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory in routine WritePALMImage because it needs to be offset by 256. This can cause a out-of-bounds read later on in the routine. The patch adds 256 to bytesperrow in the call to AcquireQuantumMemory. This could cause...
UBUNTU-CVE-2020-27761
WritePALMImage in /coders/palm.c used sizet casts in several areas of a calculation which could lead to values outside the range of representable type unsigned long undefined behavior when a crafted input file was processed by ImageMagick. The patch casts to ssizet instead to avoid this issue. Re...
ImageMagick Arbitrary Command Execution Vulnerability
ImageMagick is a free software for creating, editing, and compositing images.The use of most of ImageMagick's features comes from the command line tools. An arbitrary command execution vulnerability exists in ImageMagick versions prior to 6.9.4-0 and GraphicsMagick, which allows remote attackers ...