CVE-2017-16401

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the...

CVE-2017-16410

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is a result of untrusted input that is used to calculate an array index; the...

[SECURITY] [DLA 1168-1] graphicsmagick security update

Package : graphicsmagick Version : 1.3.16-1.1+deb7u14 CVE ID : CVE-2017-16669 A remote denial of service vulnerability has been discovered in graphicsmagick, a collection of image processing tools and associated libraries. A specially crafted file can be used to produce a heap-based buffer overfl...

GraphicsMagick Denial of Service Vulnerability (CNVD-2017-36019)

GraphicsMagick is a simple set of image processing tools. The tool provides resizing, rotating, highlighting and other functions to images. A security vulnerability exists in the 'ReadWPGImage' function in the coders/wpg.c file in GraphicsMagick version 1.3.26. A remote attacker can exploit this...

GraphicsMagick Multiple Vulnerabilities

Vulnerabilities summary The following advisory describes two 2 vulnerabilities found in GraphicsMagick. GraphicsMagick is “The swiss army knife of image processing. Comprised of 267K physical lines according to David A. Wheeler’s SLOCCount of source code in the base package or 1,225K including 3r...

GraphicsMagick Denial of Service Vulnerability (CNVD-2017-33283)

GraphicsMagick is a simple set of image processing tools. The tool provides resizing, rotating, highlighting and other functions to images. A denial of service vulnerability exists in the 'DrawImage' function of the magick/render.c file in GraphicsMagick version 1.3.26, which can be exploited by...

GraphicsMagick Memory Disclosure / Heap Overflow

'''Vulnerabilities summary The following advisory describes two 2 vulnerabilities found in GraphicsMagick. GraphicsMagick is aThe swiss army knife of image processing. Comprised of 267K physical lines according to David A. Wheeleras SLOCCount of source code in the base package or 1,225K including...

CVE-2017-15277

ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data...

UBUNTU-CVE-2017-15277

ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data...

ImageMagick Denial of Service Vulnerability (CNVD-2017-30501)

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A denial of service vulnerability exists in the ReadOneJNGImage of coders/png.c file in ImageMagick version 7.0.7-2. A...

Memory Corruption Vulnerability in PSD Image Processing by PictureQuest Software

Look at the picture is a picture browsing tool. A memory corruption vulnerability exists in the handling of PSD format images. An attacker can cause the program to crash or cause arbitrary code execution by constructing a malformed PSD format...

CVE-2017-14994

ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted DICOM image, related to the ability of DCMReadNonNativeImages to yield an image list with zero frames...

CVE-2017-14265

A stack buffer overflow flaw was found in the way dcraw handled processing of RAW image files. This flaw could potentially be used to crash the dcraw process by supplying it a specially crafted image file...

CVE-2017-14607

In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash...

[SECURITY] Fedora 25 Update: vips-8.4.4-1.fc25.1

VIPS is an image processing library. It is good for very large images even larger than the amount of RAM in your machine, and for working with color. This package should be installed if you want to use a program compiled against VIPS...

[SECURITY] Fedora 26 Update: vips-8.5.8-2.fc26

VIPS is an image processing library. It is good for very large images even larger than the amount of RAM in your machine, and for working with color. This package should be installed if you want to use a program compiled against VIPS...

Artifex MuPDf JBIG2 Parser Code Execution Vulnerability(CVE-2016-8729)

Summary An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the...

ImageMagick ReadMATImage Function Denial of Service Vulnerability

ImageMagick is a software for creating, editing, and compositing images that can read, convert, and write images in many formats. A denial of service vulnerability exists in the ReadMATImage function in coders/mat.c in ImageMagick, which can be exploited by an attacker to cause a denial of servic...

ImageMagick memory leak vulnerability (CNVD-2017-25389)

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A memory leak vulnerability exists in the WriteMSLImage of the coders/msl.c file in ImageMagick version 7.0.6-2. An...

Gdk-Pixbuf JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability

Summary An exploitable heap overflow vulnerability exists in the gdkpixbufjpegimageloadincrement functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability. Tested...