Cristy

175 exploits Active since Dec 2016
CVE-2016-7534 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.4-0 - Out-of-Bounds Read
The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file.
CVSS 6.5
CVE-2016-7537 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.4-7 - Out-of-Bounds Read
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.
CVSS 6.5
CVE-2016-7538 WRITEUP MEDIUM WRITEUP
Imagemagick - Out-of-Bounds Write
coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
CVSS 6.5
CVE-2016-7539 WRITEUP HIGH WRITEUP
Imagemagick < 6.9.9-3 - Resource Management Error
Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVSS 7.5
CVE-2016-7799 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.6-0 - Out-of-Bounds Read
MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVSS 6.5
CVE-2016-7906 WRITEUP MEDIUM WRITEUP
Imagemagick - Use After Free
magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file.
CVSS 5.5
CVE-2016-8677 WRITEUP HIGH WRITEUP
ImageMagick <7.0.3-1 - Memory Corruption
The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure.
CVSS 8.8
CVE-2016-9298 WRITEUP MEDIUM WRITEUP
ImageMagick <6.9.6-4, <7.0.3-6 - Buffer Overflow
Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted image.
CVSS 5.5
CVE-2016-9556 WRITEUP MEDIUM WRITEUP
Imagemagick - Memory Corruption
The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.
CVSS 5.5
CVE-2016-9559 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.6-5 - NULL Pointer Dereference
coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.
CVSS 6.5
CVE-2017-11448 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.9-0 - Information Disclosure
The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.
CVSS 6.5
CVE-2017-11449 WRITEUP HIGH WRITEUP
Imagemagick < 6.9.9-0 - Denial of Service
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
CVSS 8.8
CVE-2017-11450 WRITEUP HIGH WRITEUP
Imagemagick < 6.9.9-0 - Denial of Service
coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.
CVSS 8.8
CVE-2017-11522 WRITEUP MEDIUM WRITEUP
ImageMagick <7.0.6.1 - DoS
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVSS 6.5
CVE-2017-11523 WRITEUP MEDIUM WRITEUP
ImageMagick <7.0.6.1 - DoS
The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered.
CVSS 6.5
CVE-2017-12427 WRITEUP MEDIUM WRITEUP
ImageMagick <6.9.9.5 & <7.0.6.5 - DoS
The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a denial of service (memory leak) via a crafted file, related to the WriteMSLImage function.
CVSS 6.5
CVE-2017-12640 WRITEUP HIGH WRITEUP
Imagemagick - Out-of-Bounds Read
ImageMagick 7.0.6-1 has an out-of-bounds read vulnerability in ReadOneMNGImage in coders/png.c.
CVSS 8.8
CVE-2017-12641 WRITEUP HIGH WRITEUP
Imagemagick - Resource Leak
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage in coders\png.c.
CVSS 8.8
CVE-2017-12643 WRITEUP MEDIUM WRITEUP
Imagemagick - Resource Allocation Without Limits
ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in coders\png.c.
CVSS 6.5
CVE-2017-12644 WRITEUP HIGH WRITEUP
Imagemagick - Resource Leak
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in coders\dcm.c.
CVSS 8.8
CVE-2017-12662 WRITEUP HIGH WRITEUP
Imagemagick - Resource Leak
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/pdf.c.
CVSS 8.8
CVE-2017-12663 WRITEUP HIGH WRITEUP
Imagemagick - Resource Leak
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage in coders/map.c.
CVSS 8.8
CVE-2017-12664 WRITEUP HIGH WRITEUP
Imagemagick - Resource Leak
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage in coders/palm.c.
CVSS 8.8
CVE-2017-12665 WRITEUP HIGH WRITEUP
Imagemagick - Resource Leak
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePICTImage in coders/pict.c.
CVSS 8.8
CVE-2017-12666 WRITEUP HIGH WRITEUP
Imagemagick - Resource Leak
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImage in coders/inline.c.
CVSS 8.8