14 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-15277
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a...
SUSE: Security Advisory (SUSE-SU-2018:0043-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:0017-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Graphicsmagick
ImageMagick-CVE-2017...
Valve: ImageMagick GIF coder vulnerability leading to memory disclosure
Due to CVE-2017-15277, portions of server memory on some steamcommunity web servers could be leaked via image updates. An attacker would not be able to control what memory would be returned, but system information could be obtained. I was able to arbitrarily disclose server memory on...
Debian: Security Advisory (DLA-1140-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2018:0043-1 Security update for ImageMagick
This update for ImageMagick fixes several issues. These security issues were fixed: - CVE-2017-14343: Fixed a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file bsc1058422. - CVE-2017-12691: The ReadOneLayer function in coders/xcf.c allowed remote attackers to...
openSUSE Security Update : GraphicsMagick (openSUSE-2017-1386)
This update for GraphicsMagick fixes the following issues : - CVE-2017-14042: Denial of service through a large memory allocation via specially crafted PNM images boo1056550 - CVE-2017-14504: NULL pointer dereference via specially crafted PNM images boo1059721 - CVE-2017-17498: Denial of service ...
[SECURITY] [DSA 4040-1] imagemagick security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4040-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 17, 2017 https://www.debian.org/security/faq -...
Debian DLA-1140-1 : graphicsmagick security update
Immediately after the previous update to graphicsmagick, two more security issues were identified. These updates are included here. CVE-2017-13737 Incorrect rounding up resulted in scrambling the heap beyond the allocation. CVE-2017-15277 Left the palette uninitialized when processing a GIF file...
[SECURITY] [DLA 1140-1] graphicsmagick security update
Package : graphicsmagick Version : 1.3.16-1.1+deb7u11 CVE ID : CVE-2017-13737 CVE-2017-15277 Immediately after the previous update to graphicsmagick, two more security issues were identified. These updates are included here. CVE-2017-13737 Incorrect rounding up resulted in scrambling the heap...
CVE-2017-15277
CVE-2017-15277 affects ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26: ReadGIFImage leaves the GIF palette uninitialized when there is neither a global nor local palette, enabling potential leakage of data from untrusted input if the product is used as a library. This is a data-leak (information d...
CVE-2017-15277
ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data...
Mail.ru: Unupdated ImageMagic leads to uninitialized server memory disclosure
It was possible to disclosure the part of server memory from uncontrolled location on account.my.com project via uploaded GIF image header manipulation. account.my.com is not currently in the Bug Bounty scope, reward was paid as a bonus due to potential severity. CVE-2017-15277...