CVE-2019-17541

ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c...

CVE-2019-17541

ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c...

Double free

ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c...

CVE-2019-17541

ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c...

CVE-2019-17541

CVE-2019-17541 : ImageMagick prior to 7.0.8-55 contains a use-after-free in DestroyStringInfo (MagickCore/string.c) due to mishandling of the error manager in coders/jpeg.c. This can lead to arbitrary code execution or crashes as described by the CVE entry (impact to confidentiality, integrity, a...

CVE-2019-17541

ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c...

CVE-2019-17541

ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c...

Heap Overflow

libgdkpixbuf-2.0.so is vulnerable to heap overflows. A malicious user can pass a jpeg file to the gdkpixbufjpegimageloadincrement function in io-jpeg.c, causing a heap overflow that can crash the application or cause arbitrary code to be executed...

SUSE SLES11 Security Update : ImageMagick (SUSE-SU-2018:0486-1)

This update for ImageMagick fixes the following issues : - CVE-2017-9407: In ImageMagick, the ReadPALMImage function in palm.c allowed attackers to cause a denial of service memory leak via a crafted file. bsc1042824 - CVE-2017-11448: The ReadJPEGImage function in coders/jpeg.c in ImageMagick...

CVE-2017-11450

coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via JPEG data that is too short...

CVE-2017-9207

The iwgetui16be function in imagew-util.c:422:24 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted image, related to imagew-jpeg.c...

CVE-2017-9204

The iwgetui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service invalid read and SEGV via a crafted image, related to imagew-jpeg.c...

CVE-2017-9205

The iwgetui16be function in imagew-util.c:422:24 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service invalid read and SEGV via a crafted image, related to imagew-jpeg.c...

Heap overflow

The iwgetui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted image, related to imagew-jpeg.c...

CVE-2017-9204

CVE-2017-9204 affects ImageWorsener 1.3.1. The vulnerability is in the function iw_get_ui16le (imagew-util.c:405:23) of the libimageworsener.a binary and is related to imagew-jpeg.c, allowing remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image. The available ...

CVE-2017-9207

The CVE-2017-9207 entry affects ImageWorsener 1.3.1, where the iw_get_ui16be function in imagew-util.c:422:24 within libimageworsener.a is vulnerable. A crafted image can trigger a heap-based buffer over-read, related to imagew-jpeg.c, leading to a denial of service. Exploitation details or in-th...

CVE-2017-9206

The vulnerability CVE-2017-9206 affects ImageWorsener 1.3.1 (libimageworsener.a); the iw_get_ui16le function in imagew-util.c:405:23 is vulnerable to a crafted image, via imagew-jpeg.c, causing a remote-denial-of-service heap-based buffer over-read. This is confirmed across multiple sources (NVD,...

CVE-2017-9093

The myskipinputdatafn function in imagew-jpeg.c in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service infinite loop via a crafted image...

Code injection

The myskipinputdatafn function in imagew-jpeg.c in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service infinite loop via a crafted image...

CVE-2017-9093

The CVE-2017-9093 vulnerability affects ImageWorsener 1.3.1 in the my_skip_input_data_fn function within imagew-jpeg.c of libimageworsener.a. A crafted image can trigger a denial of service by causing an infinite loop. Affected component is the image processing library/file rather than a broader ...