35 matches found
CVE-2017-17913
CVE-2017-17913 affects GraphicsMagick, specifically a stack-based buffer over-read in WriteWEBPImage (coders/webp.c) caused by incompatibility with libwebp versions 0.5.0 and later. The description in the initial document notes GraphicsMagick 1.4 snapshot-20171217 Q8 as affected. Connected docume...
ImageMagick Stack Buffer Overflow Vulnerability
ImageMagick is a software for creating, editing, and compositing images that can read, convert, and write images in many formats. A stack buffer overflow vulnerability exists in WriteWEBPImage in coders/webp.c in ImageMagick version 7.0.7-16 Q16 x8664 2017-12-21. An attacker can exploit this...
CVE-2017-17880
CVE-2017-17880 refers to ImageMagick 7.0.7-16 Q16 x86_64 where a stack-based buffer over-read occurs in the WriteWEBPImage path (coders/webp.c) due to a WEBP_DECODER_ABI_VERSION check. The connected Nessus entry for CVE-2017-17880 shows the issue as unpatched in some Linux distros (vendor patch n...
CVE-2017-17880
In ImageMagick 7.0.7-16 Q16 x8664 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBPDECODERABIVERSION check...
CVE-2017-14138
ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors...
CVE-2017-14137
ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header...
CVE-2017-14138
ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors...
Memory corruption
ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors...
CVE-2017-14137
CVE-2017-14137 affects ImageMagick 7.0.6-5, where ReadWEBPImage (coders/webp.c) allocates memory based solely on a header length field, causing excessive memory allocation. This can lead to memory exhaustion/DoS. The incident is documented with this exact technical detail; no fix/version or remed...
CVE-2017-14138
ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors...
Heap overflow
libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pixfmt is set, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecifie...
CVE-2017-9994
libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pixfmt is set, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecifie...
CVE-2017-9994
libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pixfmt is set, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecifie...
CVE-2017-9994
libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pixfmt is set, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecifie...
CVE-2017-9994
libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pixfmt is set, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecifie...