Writeup Exploits

62,844 exploits tracked across all sources.

Sort: Activity Stars
CVE-2017-14326 WRITEUP MEDIUM
ImageMagick 7.0.7-1 Q16 - Denial of Service via Memory Leak in ReadMATImage
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file.
CVSS 6.5
CVE-2017-14325 WRITEUP MEDIUM
ImageMagick 7.0.7-1 - Denial of Service via Memory Leak in PersistPixelCache
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service (memory consumption in ReadMPCImage in coders/mpc.c) via a crafted file.
CVSS 6.5
CVE-2017-14324 WRITEUP MEDIUM
ImageMagick 7.0.7-1 - Denial of Service via Memory Leak in ReadMPCImage
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service via a crafted file.
CVSS 6.5
CVE-2017-14249 WRITEUP MEDIUM
ImageMagick 7.0.6-8 - Denial of Service via Crafted MPC File
ImageMagick 7.0.6-8 Q16 mishandles EOF checks in ReadMPCImage in coders/mpc.c, leading to division by zero in GetPixelCacheTileSize in MagickCore/cache.c, allowing remote attackers to cause a denial of service via a crafted file.
CVSS 6.5
CVE-2017-14248 WRITEUP MEDIUM
ImageMagick <7.0.6-8 - Buffer Overflow
A heap-based buffer over-read in SampleImage() in MagickCore/resize.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service via a crafted file.
CVSS 6.5
CVE-2017-14224 WRITEUP HIGH
ImageMagick 7.0.6-8 - Buffer Overflow
A heap-based buffer overflow in WritePCXImage in coders/pcx.c in ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of service or code execution via a crafted file.
CVSS 8.8
CVE-2017-14175 WRITEUP MEDIUM
ImageMagick 7.0.6-1 Q16 - Denial of Service via Crafted XBM File
In coders/xbm.c in ImageMagick 7.0.6-1 Q16, a DoS in ReadXBMImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, is provided, the loop over the rows would consume huge CPU resources, since there is no EOF check inside the loop.
CVSS 6.5
CVE-2017-14174 WRITEUP MEDIUM
ImageMagick 7.0.7-0 Q16 - Denial of Service via Crafted PSD File
In coders/psd.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSDLayersInternal() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "length" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.
CVSS 6.5
CVE-2017-14173 WRITEUP MEDIUM
ImageMagick 7.0.6-10 - Buffer Overflow
In the function ReadTXTImage() in coders/txt.c in ImageMagick 7.0.6-10, an integer overflow might occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a smaller value than expected. As a result, an infinite loop would occur for a crafted TXT file that claims a very large "max_value" value.
CVSS 6.5
CVE-2017-14172 WRITEUP MEDIUM
ImageMagick 7.0.7-0 Q16 - Denial of Service via Crafted PSD File
In coders/ps.c in ImageMagick 7.0.7-0 Q16, a DoS in ReadPSImage() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, is provided, the loop over "length" would consume huge CPU resources, since there is no EOF check inside the loop.
CVSS 6.5
CVE-2017-14139 WRITEUP MEDIUM
ImageMagick 7.0.6-2 - Memory Corruption
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c.
CVSS 6.5
CVE-2017-14138 WRITEUP CRITICAL
ImageMagick 7.0.6-5 - Memory Corruption
ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors.
CVSS 9.8
CVE-2017-14137 WRITEUP HIGH
ImageMagick 7.0.6-5 - Memory Corruption
ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header.
CVSS 7.5
CVE-2017-14060 WRITEUP MEDIUM
ImageMagick 7.0.6-10 - Denial of Service via Malformed Image File
In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a malformed image file.
CVSS 6.5
CVE-2017-13769 WRITEUP MEDIUM
ImageMagick < 6.9.9-11 - Denial of Service via Crafted JPEG File
The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.
CVSS 6.5
CVE-2017-13768 WRITEUP MEDIUM
ImageMagick < 6.9.9-11 - Denial of Service via Null Pointer Dereference in IdentifyImage
Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file.
CVSS 6.5
CVE-2017-13658 WRITEUP MEDIUM
ImageMagick < 6.9.9-3 and 7.x < 7.0.6-3 - Denial of Service via Missing NULL Check in ReadMATImage
In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c.
CVSS 6.5
CVE-2017-13145 WRITEUP MEDIUM
ImageMagick < 6.9.8-8 and 7.x < 7.0.5-9 - Denial of Service via JP2 Channel Geometry Validation
In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash.
CVSS 6.5
CVE-2017-13143 WRITEUP HIGH
ImageMagick < 6.9.7-6 and 7.x < 7.0.4-6 - Information Disclosure via Uninitialized Memory in ReadMATImage
In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory.
CVSS 7.5
CVE-2017-13141 WRITEUP MEDIUM
ImageMagick < 6.9.9-4 and 7.x < 7.0.6-4 - Memory Leak in PNG Image Processing
In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c.
CVSS 6.5
CVE-2017-13140 WRITEUP MEDIUM
ImageMagick < 6.9.9-1 and 7.x < 7.0.6-2 - Denial of Service via PNG Width Handling
In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c allows remote attackers to cause a denial of service (application hang in LockSemaphoreInfo) via a PNG file with a width equal to MAGICK_WIDTH_LIMIT.
CVSS 6.5
CVE-2017-13134 WRITEUP MEDIUM
ImageMagick 7.0.6-6 - Heap-Based Buffer Over-Read in SFWScan
In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer over-read was found in the function SFWScan in coders/sfw.c, which allows attackers to cause a denial of service via a crafted file.
CVSS 6.5
CVE-2017-13133 WRITEUP MEDIUM
ImageMagick 7.0.6-8 - Denial of Service via XCF File Offset Validation Bypass
In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file.
CVSS 6.5
CVE-2017-13132 WRITEUP MEDIUM
ImageMagick 7.0.6-8 - Denial of Service via WritePDFImage Function
In ImageMagick 7.0.6-8, the WritePDFImage function in coders/pdf.c operates on an incorrect data structure in the "dump uncompressed PseudoColor packets" step, which allows attackers to cause a denial of service (assertion failure in WriteBlobStream in MagickCore/blob.c) via a crafted file.
CVSS 6.5
CVE-2017-13131 WRITEUP MEDIUM
ImageMagick 7.0.6-8 - Denial of Service via Memory Leak in ReadMIFFImage
In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (memory consumption in NewLinkedList in MagickCore/linked-list.c) via a crafted file.
CVSS 6.5