Cristy

204 exploits Active since Dec 2016
CVE-2017-6498 WRITEUP MEDIUM WRITEUP
ImageMagick 6.9.7 - Denial of Service via Malformed TGA File
An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS.
CVSS 5.5
CVE-2017-6500 WRITEUP MEDIUM WRITEUP
ImageMagick - Heap-Based Buffer Over-Read via Crafted SUN File
An issue was discovered in ImageMagick 6.9.7. A specially crafted sun file triggers a heap-based buffer over-read.
CVSS 5.5
CVE-2017-6501 WRITEUP MEDIUM WRITEUP
ImageMagick - NULL Pointer Dereference via Crafted XCF File
An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference.
CVSS 5.5
CVE-2017-9098 WRITEUP HIGH WRITEUP
ImageMagick <7.0.5-2, GraphicsMagick <1.3.24 - Info Disclosure
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c.
CVSS 7.5
CVE-2017-9144 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.5-5 - Memory Corruption
In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c.
CVSS 6.5
CVE-2018-16640 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.8-5 - Memory Corruption
ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c.
CVSS 6.5
CVE-2018-16642 WRITEUP MEDIUM WRITEUP
ImageMagick - Denial of Service via Out-of-bounds Write in InsertRow Function
The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write.
CVSS 6.5
CVE-2018-16643 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.8-4 - Denial of Service via Unchecked fputc Return Value
The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file.
CVSS 6.5
CVE-2018-16644 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.8-11 - Denial of Service via Crafted Image in DCM and PICT Coders
There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.
CVSS 6.5
CVE-2018-16645 WRITEUP MEDIUM WRITEUP
ImageMagick <7.0.8-11 - Memory Corruption
There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image file.
CVSS 6.5
CVE-2018-16749 WRITEUP MEDIUM WRITEUP
ImageMagick < 6.9.9-42 - Denial of Service via Crafted JNG File
In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file.
CVSS 6.5
CVE-2018-20467 WRITEUP MEDIUM WRITEUP
ImageMagick < 6.9.10-16 - Denial of Service via Infinite Loop in BMP Coder
In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.
CVSS 6.5
CVE-2019-10131 WRITEUP HIGH WRITEUP
ImageMagick <7.0.7-28 - Info Disclosure
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program.
CVSS 7.1
CVE-2019-10714 WRITEUP MEDIUM WRITEUP
ImageMagick < 6.9.10-32 - Out-of-bounds Read in LocaleLowercase
LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV.
CVSS 6.5
CVE-2019-11470 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.8-26 Q16 - Denial of Service in Cineon Image Parser
The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.
CVSS 6.5
CVE-2019-11472 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.8-41 Q16 - Denial of Service via Crafted XWD Image Header
ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.
CVSS 6.5
CVE-2019-13133 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.0-0-7.0.8-50 - Memory Leak in ReadBMPImage
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c.
CVSS 5.5
CVE-2019-13134 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.0-0-7.0.8-50 - Memory Leak in ReadVIFFImage
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c.
CVSS 5.5
CVE-2019-13135 WRITEUP HIGH WRITEUP
ImageMagick < 6.9.10-50 - Use of Uninitialized Resource in ReadCUTImage
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.
CVSS 8.8
CVE-2019-13135 WRITEUP HIGH WRITEUP
ImageMagick < 6.9.10-50 - Use of Uninitialized Resource in ReadCUTImage
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.
CVSS 8.8
CVE-2019-13136 WRITEUP HIGH WRITEUP
ImageMagick < 7.0.8-50 - Integer Overflow in TIFFSeekCustomStream
ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c.
CVSS 7.8
CVE-2019-13137 WRITEUP MEDIUM WRITEUP
ImageMagick < 6.9.10-50 - Memory Leak in ReadPSImage
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.
CVSS 6.5
CVE-2019-13137 WRITEUP MEDIUM WRITEUP
ImageMagick < 6.9.10-50 - Memory Leak in ReadPSImage
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.
CVSS 6.5
CVE-2019-13295 WRITEUP HIGH WRITEUP
ImageMagick 7.0.8-50 - Heap-Based Buffer Over-Read in AdaptiveThresholdImage
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.
CVSS 8.8
CVE-2019-13295 WRITEUP HIGH WRITEUP
ImageMagick 7.0.8-50 - Heap-Based Buffer Over-Read in AdaptiveThresholdImage
ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.
CVSS 8.8