2179 matches found
ImageMagick 'EncodeImageAttributes' function memory leak vulnerability
ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A memory leak vulnerability exists in the 'EncodeImageAttributes' function of the coders/json.c file in ImageMagick...
Debian DSA-4074-1 : imagemagick - security update
This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed image files are processed.
UBUNTU-CVE-2017-17914
In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service (ReadOneMNGImage large loop) via a crafted mng image file...
CVE-2017-17501
WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file...
CVE-2017-16401
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the...
Design/Logic Flaw
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the...
CVE-2017-16410
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is a result of untrusted input that is used to calculate an array index; the...
[SECURITY] [DLA 1168-1] graphicsmagick security update
Package: graphicsmagick; Version: 1.3.16-1.1+deb7u14; CVE ID: CVE-2017-16669. A remote denial of service vulnerability has been discovered in graphicsmagick, a collection of image processing tools and associated libraries. A specially crafted file can be used to produce a heap-based buffer overfl...
GraphicsMagick Denial of Service Vulnerability (CNVD-2017-36019)
GraphicsMagick is a simple set of image processing tools. The tool provides resizing, rotating, highlighting and other functions to images. A security vulnerability exists in the 'ReadWPGImage' function in the coders/wpg.c file in GraphicsMagick version 1.3.26. A remote attacker can exploit this...
GraphicsMagick Multiple Vulnerabilities
Vulnerabilities summary: The following advisory describes two (2) vulnerabilities found in GraphicsMagick. GraphicsMagick is “The swiss army knife of image processing. Comprised of 267K physical lines (according to David A. Wheeler’s SLOCCount) of source code in the base package (or 1,225K including 3r...
GraphicsMagick Denial of Service Vulnerability (CNVD-2017-33283)
GraphicsMagick is a simple set of image processing tools. The tool provides resizing, rotating, highlighting and other functions to images. A denial of service vulnerability exists in the 'DrawImage' function of the magick/render.c file in GraphicsMagick version 1.3.26, which can be exploited by...
GraphicsMagick Memory Disclosure / Heap Overflow
Vulnerabilities summary: The following advisory describes two (2) vulnerabilities found in GraphicsMagick. GraphicsMagick is “The swiss army knife of image processing. Comprised of 267K physical lines (according to David A. Wheeler’s SLOCCount) of source code in the base package (or 1,225K including...
CVE-2017-15277
ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data...
UBUNTU-CVE-2017-15277
ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data...
ImageMagick Denial of Service Vulnerability (CNVD-2017-30501)
ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A denial of service vulnerability exists in the ReadOneJNGImage function of the coders/png.c file in ImageMagick version 7.0.7-2. A...
Memory Corruption Vulnerability in PSD Image Processing by PictureQuest Software
"Look at the picture" is a picture browsing tool. A memory corruption vulnerability exists in the handling of PSD format images. An attacker can cause the program to crash or cause arbitrary code execution by constructing a malformed PSD format...
CVE-2017-14994
ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted DICOM image, related to the ability of DCMReadNonNativeImages to yield an image list with zero frames...
CVE-2017-14265
A stack buffer overflow flaw was found in the way dcraw handled processing of RAW image files. This flaw could potentially be used to crash the dcraw process by supplying it a specially crafted image file...
CVE-2017-14607
In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to ReadTIFFImage has been reported in coders/tiff.c. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash...