Cristy

164 exploits Active since Dec 2016
CVE-2017-11449 WRITEUP HIGH WRITEUP
Imagemagick < 6.9.9-0 - Denial of Service
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
CVSS 8.8
CVE-2017-11450 WRITEUP HIGH WRITEUP
Imagemagick < 6.9.9-0 - Denial of Service
coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.
CVSS 8.8
CVE-2017-11522 WRITEUP MEDIUM WRITEUP
ImageMagick <7.0.6.1 - DoS
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVSS 6.5
CVE-2017-11523 WRITEUP MEDIUM WRITEUP
ImageMagick <7.0.6.1 - DoS
The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered.
CVSS 6.5
CVE-2017-12427 WRITEUP MEDIUM WRITEUP
ImageMagick <6.9.9.5 & <7.0.6.5 - DoS
The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a denial of service (memory leak) via a crafted file, related to the WriteMSLImage function.
CVSS 6.5
CVE-2017-12640 WRITEUP HIGH WRITEUP
Imagemagick - Out-of-Bounds Read
ImageMagick 7.0.6-1 has an out-of-bounds read vulnerability in ReadOneMNGImage in coders/png.c.
CVSS 8.8
CVE-2017-12641 WRITEUP HIGH WRITEUP
Imagemagick - Resource Leak
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage in coders\png.c.
CVSS 8.8
CVE-2017-12643 WRITEUP MEDIUM WRITEUP
Imagemagick - Resource Allocation Without Limits
ImageMagick 7.0.6-1 has a memory exhaustion vulnerability in ReadOneJNGImage in coders\png.c.
CVSS 6.5
CVE-2017-12644 WRITEUP HIGH WRITEUP
Imagemagick - Resource Leak
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in coders\dcm.c.
CVSS 8.8
CVE-2017-12662 WRITEUP HIGH WRITEUP
Imagemagick - Resource Leak
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/pdf.c.
CVSS 8.8
CVE-2017-12663 WRITEUP HIGH WRITEUP
Imagemagick - Resource Leak
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage in coders/map.c.
CVSS 8.8
CVE-2017-12664 WRITEUP HIGH WRITEUP
Imagemagick - Resource Leak
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage in coders/palm.c.
CVSS 8.8
CVE-2017-12665 WRITEUP HIGH WRITEUP
Imagemagick - Resource Leak
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePICTImage in coders/pict.c.
CVSS 8.8
CVE-2017-12666 WRITEUP HIGH WRITEUP
Imagemagick - Resource Leak
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImage in coders/inline.c.
CVSS 8.8
CVE-2017-12667 WRITEUP HIGH WRITEUP
Imagemagick - Resource Leak
ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in coders\mat.c.
CVSS 8.8
CVE-2017-12668 WRITEUP HIGH WRITEUP
Imagemagick - Resource Leak
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.
CVSS 8.8
CVE-2017-12669 WRITEUP HIGH WRITEUP
Imagemagick - Resource Leak
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage in coders/cals.c.
CVSS 8.8
CVE-2017-12876 WRITEUP MEDIUM WRITEUP
Imagemagick < 7.0.6-6 - Out-of-Bounds Write
Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.
CVSS 6.5
CVE-2017-12877 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.9-6 - Use After Free
Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.
CVSS 6.5
CVE-2017-13142 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.9-0 - Improper Condition Check
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.
CVSS 6.5
CVE-2017-13143 WRITEUP HIGH WRITEUP
Imagemagick < 6.9.7-5 - Information Disclosure
In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory.
CVSS 7.5
CVE-2017-13145 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.8-7 - Improper Input Validation
In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash.
CVSS 6.5
CVE-2017-13146 WRITEUP HIGH WRITEUP
Imagemagick < 6.9.8-4 - Resource Leak
In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.
CVSS 8.8
CVE-2017-13658 WRITEUP MEDIUM WRITEUP
Imagemagick < 6.9.9-2 - Reachable Assertion
In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c.
CVSS 6.5
CVE-2017-14172 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.7-0 - DoS
In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.
CVSS 6.5