44 matches found
EUVD-2017-3154
Malware in sbrugna...
SUSE CVE-2017-11522
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted file...
SUSE CVE-2017-11722
The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted file, because the program's actual control flow was inconsistent with its indentation. This resulted in a logging...
SUSE CVE-2017-17884
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file...
Ubuntu 16.04 ESM : ImageMagick vulnerabilities (USN-5335-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5335-1 advisory. It was discovered that ImageMagick incorrectly handled certain values when processing XPM image data or large images. If a user or automated system using...
openSUSE Security Update : ImageMagick (openSUSE-2021-148)
This update for ImageMagick fixes the following issues : - CVE-2020-19667: Fixed a stack-based buffer overflow in XPM coder could result in a crash bsc1179103. - CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel bsc1179202. - CVE-2020-25665: Fixed a heap-based buffer overflow in...
CVE-2020-25674
WriteOnePNGImage from coders/png.c the PNG coder has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times,...
Heap overflow
WriteOnePNGImage from coders/png.c the PNG coder has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times,...
CVE-2020-25664
In WriteOnePNGImage of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory and memset allows for an out-of-bounds write later when PopShortPixel from MagickCore/quantum-private.h is called. The patch fixes the calls by adding 256 to rowbytes. An attacker who is able to supply ...
CVE-2020-25664
In WriteOnePNGImage of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory and memset allows for an out-of-bounds write later when PopShortPixel from MagickCore/quantum-private.h is called. The patch fixes the calls by adding 256 to rowbytes. An attacker who is able to supply ...
CVE-2020-25664
In WriteOnePNGImage of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory and memset allows for an out-of-bounds write later when PopShortPixel from MagickCore/quantum-private.h is called. The patch fixes the calls by adding 256 to rowbytes. An attacker who is able to supply ...
CVE-2020-25674
WriteOnePNGImage from coders/png.c the PNG coder has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times,...
Arbitrary Code Execution
imagemagick is vulnerable to arbitrary code execution. A heap-based buffer overflow in WriteOnePNGImage in coders/png.c allows an attacker to execute arbitrary code via a malicious file...
Arbtirary Code Execution
graphicsmagick is vulnerable to arbitrary code execution. A heap-based buffer over-read in WriteOnePNGImage in coders/png.c allows an attacker to execute arbitrary code on the host OS via a malicious file...
PT-2019-5853 · Imagemagick +5 · Imagemagick +5
Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.0.8-68 Description: The issue is related to the WriteOnePNGImage function from coders/png.c the PNG coder which has a for loop with an improper exit condition. This can allow an out-of-bounds READ via...
imagemagick/encoder_icon_fuzzer: Use-of-uninitialized-value in PushColormapIndex
Detailed report: https://oss-fuzz.com/testcase?key=5657487311634432 Project: imagemagick Fuzzer: libFuzzerimagemagickencodericonfuzzer Fuzz target binary: encodericonfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...
CVE-2017-17884
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file...
CVE-2017-17884
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file...
CVE-2017-17884
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file...
UBUNTU-CVE-2017-17884
In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file...