Filtered by vendor Imagemagick
Subscriptions
Filtered by product Imagemagick
Subscriptions
Total
645 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2007-1797 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2024-08-07 | N/A |
Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667. | ||||
CVE-2007-0770 | 2 Graphicsmagick, Imagemagick | 2 Graphicsmagick, Imagemagick | 2024-08-07 | N/A |
Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: this issue is due to an incomplete patch for CVE-2006-5456. | ||||
CVE-2008-1096 | 2 Imagemagick, Redhat | 3 Graphicsmagick, Imagemagick, Enterprise Linux | 2024-08-07 | N/A |
The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly related to the ScaleCharToQuantum function. | ||||
CVE-2008-1097 | 2 Imagemagick, Redhat | 3 Graphicsmagick, Imagemagick, Enterprise Linux | 2024-08-07 | N/A |
Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption. | ||||
CVE-2009-1882 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2024-08-07 | N/A |
Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow. NOTE: some of these details are obtained from third party information. | ||||
CVE-2010-4167 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2024-08-07 | N/A |
Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory. | ||||
CVE-2012-3437 | 1 Imagemagick | 1 Imagemagick | 2024-08-06 | N/A |
The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation. | ||||
CVE-2012-1798 | 4 Debian, Imagemagick, Opensuse and 1 more | 11 Debian Linux, Imagemagick, Opensuse and 8 more | 2024-08-06 | 6.5 Medium |
The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image. | ||||
CVE-2012-1610 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-08-06 | 7.5 High |
Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component count for certain EXIF tags in a JPEG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0259. | ||||
CVE-2012-1186 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-08-06 | 5.5 Medium |
Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0248. | ||||
CVE-2012-1185 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-08-06 | 7.8 High |
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247. | ||||
CVE-2012-0259 | 5 Canonical, Debian, Imagemagick and 2 more | 5 Ubuntu Linux, Debian Linux, Imagemagick and 2 more | 2024-08-06 | 6.5 Medium |
The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read. | ||||
CVE-2012-0260 | 5 Canonical, Debian, Imagemagick and 2 more | 12 Ubuntu Linux, Debian Linux, Imagemagick and 9 more | 2024-08-06 | 6.5 Medium |
The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers. | ||||
CVE-2012-0248 | 4 Canonical, Debian, Imagemagick and 1 more | 11 Ubuntu Linux, Debian Linux, Imagemagick and 8 more | 2024-08-06 | 5.5 Medium |
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF. | ||||
CVE-2012-0247 | 4 Canonical, Debian, Imagemagick and 1 more | 11 Ubuntu Linux, Debian Linux, Imagemagick and 8 more | 2024-08-06 | 8.8 High |
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image. | ||||
CVE-2013-4298 | 1 Imagemagick | 1 Imagemagick | 2024-08-06 | N/A |
The ReadGIFImage function in coders/gif.c in ImageMagick before 6.7.8-8 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted comment in a GIF image. | ||||
CVE-2014-9915 | 1 Imagemagick | 1 Imagemagick | 2024-08-06 | N/A |
Off-by-one error in ImageMagick before 6.6.0-4 allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM profile. | ||||
CVE-2014-9846 | 5 Canonical, Imagemagick, Opensuse and 2 more | 11 Ubuntu Linux, Imagemagick, Leap and 8 more | 2024-08-06 | N/A |
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact. | ||||
CVE-2014-9834 | 1 Imagemagick | 1 Imagemagick | 2024-08-06 | N/A |
Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file. | ||||
CVE-2014-9840 | 1 Imagemagick | 1 Imagemagick | 2024-08-06 | N/A |
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file. |