21 matches found
UBUNTU-CVE-2026-25983
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted MSL script triggers a heap-use-after-free. The operation element handler replaces and frees the image while the parser continues reading from it,...
Expired Pointer Dereference
Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...
Expired Pointer Dereference
Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Expired Pointer Dereference
Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Expired Pointer Dereference
Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
CVE-2026-25983 ImageMagick has Use After Free in MSLStartElement in "coders/msl.c"
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted MSL script triggers a heap-use-after-free. The operation element handler replaces and frees the image while the parser continues reading from it,...
Expired Pointer Dereference
Overview Affected versions of this package are vulnerable to Expired Pointer Dereference in ReadBlobString, when handling MSL scripts. An attacker can cause a denial of service by submitting malicious MSL input that triggers a heap-use-after-free condition. Remediation A fix was pushed into the...
Expired Pointer Dereference
Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
Expired Pointer Dereference
Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Expired Pointer Dereference
Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Expired Pointer Dereference
Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Expired Pointer Dereference
Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
imagemagick/encoder_b_fuzzer: Use-of-uninitialized-value in ReadBlobString
Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=4831902440620032 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderbfuzzer Fuzz target binary: encoderbfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...
GLSA-200710-27 : ImageMagick: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200710-27 ImageMagick: Multiple vulnerabilities regenrecht reported multiple infinite loops in functions ReadDCMImage and ReadXCFImage CVE-2007-4985, multiple integer overflows when handling certain types of images CVE-2007-4986,...
ImageMagick blob.c文件单字节缓冲区溢出漏洞
BUGTRAQ ID: 25766 CVECAN ID: CVE-2007-4987 ImageMagick是一款Unix/Linux平台下开源的图像查看和编辑工具。 ImageMagick在处理畸形格式的文件时存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞通过诱使用户打开处理恶意文件控制系统。 magick/blob.c文件中的ReadBlobString函数存在缓冲区溢出漏洞: 3110 for i=0; i long MaxTextExtent; i++ 3111 3112 p=ReadBlobStreamimage,1,buffer,&count; ... 3119...
Out-of-bounds
Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address...
CVE-2007-4987
Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address...
DEBIAN-CVE-2007-4987
Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address...
CVE-2007-4987
ImageMagick is affected by CVE-2007-4987 due to an off-by-one error in ReadBlobString (blob.c) that can allow context-dependent attackers to execute arbitrary code via a crafted image file. Impact arises from writing a NULL character ('\0') to an out-of-bounds address. The vulnerability is descri...
CVE-2007-4987
Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address...