Dirk Lemstra

30 exploits, active since Mar 2017
CVE-2017-14174 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.7-0 Q16 - Denial of Service via Crafted PSD File
In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.
CVSS 6.5
CVE-2017-17499 WRITEUP CRITICAL WRITEUP
ImageMagick 7.0.0-0-7.0.7-12 - Use-After-Free in Magick::Image::read
ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.
CVSS 9.8
CVE-2017-5507 WRITEUP HIGH WRITEUP
ImageMagick - Memory Leak in MPC Coder
Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.
CVSS 7.5
CVE-2017-5511 WRITEUP CRITICAL WRITEUP
ImageMagick < 6.9.7-3 - Heap-Based Buffer Overflow in PSD Coder
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.
CVSS 9.8
CVE-2021-39212 WRITEUP MEDIUM WRITEUP
ImageMagick 6.9.12-0-6.9.12-22 - Race Condition in Policy Enforcement
ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases, PostScript files could be read and written when specifically excluded by a `module` policy in `policy.xml`, e.g. `<policy domain="module" rights="none" pattern="PS" />`. The issue has been resolved in ImageMagick 7.1.0-7 and in 6.9.12-22. Fortunately, in the wild, few users utilize the `module` policy and instead use the `coder` policy, which is also our workaround recommendation: `<policy domain="coder" rights="none" pattern="{PS,EPI,EPS,EPSF,EPSI}" />`.
CVSS 4.4
CVE-2026-27799 WRITEUP MEDIUM WRITEUP
ImageMagick <7.1.2-15/6.9.13-40 - Buffer Overflow
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the DJVU image format handler. The vulnerability occurs due to integer truncation when calculating the stride (row size) for pixel buffer allocation. The stride calculation overflows a 32-bit signed integer, resulting in out-of-bounds memory reads. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
CVSS 4.0
CVE-2026-25576 WRITEUP MEDIUM WRITEUP
ImageMagick <7.1.2-15/6.9.13-40 - Buffer Overflow
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in multiple raw image format handlers. The vulnerability occurs when processing images with -extract dimensions larger than -size dimensions, causing out-of-bounds memory reads from a heap-allocated buffer. Versions 7.1.2-15 and 6.9.13-40 contain a patch.
CVSS 5.1
CVE-2026-25637 WRITEUP MEDIUM WRITEUP
ImageMagick <7.1.2-15 - Memory Corruption
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak in the ASHLAR image writer allows an attacker to exhaust process memory by providing a crafted image that results in small objects that are allocated but never freed. Version 7.1.2-15 contains a patch.
CVSS 5.3
CVE-2017-11447 WRITEUP MEDIUM WRITEUP
ImageMagick < 7.0.6-0 - Denial of Service via ReadSCREENSHOTImage Memory Leak
The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service.
CVSS 6.5
CVE-2017-5508 WRITEUP MEDIUM WRITEUP
ImageMagick - Heap-based Buffer Overflow in PushQuantumPixel via Crafted TIFF File
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.
CVSS 5.5
CVE-2017-6497 WRITEUP HIGH WRITEUP
ImageMagick - Denial of Service via Crafted PSD File
An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS).
CVSS 7.5
CVE-2017-6499 WRITEUP MEDIUM WRITEUP
ImageMagick - Memory Leak via Nested Exception Handling
An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially crafted file creating a nested exception could lead to a memory leak (thus, a DoS).
CVSS 5.5
CVE-2017-6502 WRITEUP MEDIUM WRITEUP
ImageMagick - Denial of Service via Crafted WebP File
An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS).
CVSS 5.5
CVE-2017-9141 WRITEUP MEDIUM WRITEUP
ImageMagick <7.0.5-7 - Buffer Overflow
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the ResetImageProfileIterator function in MagickCore/profile.c because of missing checks in the ReadDDSImage function in coders/dds.c.
CVSS 6.5
CVE-2017-9142 WRITEUP MEDIUM WRITEUP
ImageMagick <7.0.5-7 - Buffer Overflow
In ImageMagick 7.0.5-7 Q16, a crafted file could trigger an assertion failure in the WriteBlob function in MagickCore/blob.c because of missing checks in the ReadOneJNGImage function in coders/png.c.
CVSS 6.5
CVE-2017-9143 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.5-5 - Denial of Service via Memory Leak in ReadARTImage
In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file.
CVSS 6.5
CVE-2017-9499 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.5-7 - Denial of Service via Crafted File
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file.
CVSS 6.5
CVE-2017-9501 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.5-7 - Denial of Service via Crafted File
In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted file.
CVSS 6.5
CVE-2018-1000041 WRITEUP HIGH WRITEUP
GNOME librsvg before 2.41.2 - Information Disclosure
GNOME librsvg before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains an improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appears to be exploitable when the victim processes a specially crafted SVG file containing a UNC path on Windows.
CVSS 8.8
CVE-2018-16641 WRITEUP MEDIUM WRITEUP
ImageMagick 7.0.8-6 - Memory Corruption
ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePhotoshopLayers function in coders/tiff.c.
CVSS 6.5
CVE-2021-3962 WRITEUP HIGH WRITEUP
ImageMagick - Use-After-Free via Crafted Image Processing
A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. This flaw allows an attacker to create a specially crafted image that leads to a use-after-free vulnerability when processed by ImageMagick. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVSS 7.8