ImageMagick ReadXCFImage function memory leak vulnerability

ImageMagick is a software for creating, editing, and compositing images that can read, convert, and write images in many formats. A memory leak vulnerability exists in the 'ReadXCFImage' function in the coders/xcf.c file in ImageMagick version 7.0.6-6. An attacker can exploit this vulnerability t...

DEBIAN-CVE-2017-13133

In ImageMagick 7.0.6-8, the loadlevel function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service loadtile memory exhaustion via a crafted file...

Infinite loops in ImageMagick's XCF and DCM coders

ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers 1 an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or 2 an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong...

Heap overflow

The loadtile function in the XCF coder in coders/xcf.c in 1 ImageMagick 6.2.8-0 and 2 GraphicsMagick aka gm 1.1.7 allows user-assisted remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly...

CVE-2008-1096

The loadtile function in the XCF coder in coders/xcf.c in 1 ImageMagick 6.2.8-0 and 2 GraphicsMagick aka gm 1.1.7 allows user-assisted remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly...

CVE-2008-1096

The CVE-2008-1096 issue affects ImageMagick (load_tile in the XCF coder) and GraphicsMagick, where a crafted .xcf file can trigger an out-of-bounds heap write, potentially causing a crash or remote code execution. Root cause: a faulty XCF decoding path (load_tile) with a heap write beyond bounds,...