CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Imagemagick » Imagemagick » 7.0.5-5 * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:a:imagemagick:imagemagick:7.0.5-5:*:*:*:*:*:*:*
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-13658 617 DoS 2017-08-24 2020-09-08
4.3
None Remote Medium Not required None None Partial
In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c.
2 CVE-2017-13146 772 2017-08-23 2020-10-14
6.8
None Remote Medium Not required Partial Partial Partial
In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.
3 CVE-2017-13145 20 2017-08-23 2020-10-14
4.3
None Remote Medium Not required None None Partial
In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash.
4 CVE-2017-13142 754 2017-08-23 2019-05-14
4.3
None Remote Medium Not required None None Partial
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.
5 CVE-2017-13141 772 2017-08-23 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c.
6 CVE-2017-13140 119 DoS Overflow 2017-08-23 2017-11-13
4.3
None Remote Medium Not required None None Partial
In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c allows remote attackers to cause a denial of service (application hang in LockSemaphoreInfo) via a PNG file with a width equal to MAGICK_WIDTH_LIMIT.
7 CVE-2017-13139 125 2017-08-23 2020-10-14
7.5
None Remote Low Not required Partial Partial Partial
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
8 CVE-2017-12427 772 DoS 2017-08-04 2019-10-03
4.3
None Remote Medium Not required None None Partial
The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a denial of service (memory leak) via a crafted file, related to the WriteMSLImage function.
9 CVE-2017-11724 772 2017-07-29 2019-10-03
4.3
None Remote Medium Not required None None Partial
The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9-3 and 7.x through 7.0.6-3 has memory leaks involving the quantum_info and clone_info data structures.
10 CVE-2017-11530 400 DoS 2017-07-23 2017-07-28
7.1
None Remote Medium Not required None None Complete
The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
11 CVE-2017-11529 772 DoS 2017-07-23 2019-10-03
4.3
None Remote Medium Not required None None Partial
The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
12 CVE-2017-11528 772 DoS 2017-07-23 2019-10-03
4.3
None Remote Medium Not required None None Partial
The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
13 CVE-2017-11527 400 DoS 2017-07-23 2017-07-28
7.1
None Remote Medium Not required None None Complete
The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
14 CVE-2017-11526 400 DoS 2017-07-23 2017-07-28
7.1
None Remote Medium Not required None None Complete
The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file.
15 CVE-2017-11525 770 DoS 2017-07-23 2019-10-03
7.1
None Remote Medium Not required None None Complete
The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
16 CVE-2017-11524 617 DoS 2017-07-23 2019-10-03
4.3
None Remote Medium Not required None None Partial
The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file.
17 CVE-2017-11523 835 DoS 2017-07-22 2019-10-03
7.1
None Remote Medium Not required None None Complete
The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered.
18 CVE-2017-11522 476 DoS 2017-07-22 2017-07-27
4.3
None Remote Medium Not required None None Partial
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
19 CVE-2017-11505 834 DoS 2017-07-21 2019-10-03
7.1
None Remote Medium Not required None None Complete
The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file.
20 CVE-2017-11478 835 DoS 2017-07-20 2019-10-03
7.1
None Remote Medium Not required None None Complete
The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.
21 CVE-2017-9440 772 DoS 2017-06-05 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPSDChannel in coders/psd.c, which allows attackers to cause a denial of service via a crafted file.
22 CVE-2017-9439 772 DoS 2017-06-05 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, a memory leak was found in the function ReadPDBImage in coders/pdb.c, which allows attackers to cause a denial of service via a crafted file.
23 CVE-2017-9409 772 DoS 2017-06-02 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file.
24 CVE-2017-9407 772 DoS 2017-06-02 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
25 CVE-2017-9405 772 DoS 2017-06-02 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file.
26 CVE-2017-9144 20 2017-05-22 2020-10-15
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c.
27 CVE-2017-9143 772 DoS 2017-05-22 2020-10-15
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file.
28 CVE-2017-8765 772 2017-05-04 2019-10-03
7.1
None Remote Medium Not required None None Complete
The function named ReadICONImage in coders\icon.c in ImageMagick 7.0.5-5 has a memory leak vulnerability which can cause memory exhaustion via a crafted ICON file.
29 CVE-2017-8357 772 DoS 2017-04-30 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadEPTImage function in ept.c allows attackers to cause a denial of service (memory leak) via a crafted file.
30 CVE-2017-8356 772 DoS 2017-04-30 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadSUNImage function in sun.c allows attackers to cause a denial of service (memory leak) via a crafted file.
31 CVE-2017-8355 772 DoS 2017-04-30 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadMTVImage function in mtv.c allows attackers to cause a denial of service (memory leak) via a crafted file.
32 CVE-2017-8354 772 DoS 2017-04-30 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadBMPImage function in bmp.c allows attackers to cause a denial of service (memory leak) via a crafted file.
33 CVE-2017-8353 772 DoS 2017-04-30 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadPICTImage function in pict.c allows attackers to cause a denial of service (memory leak) via a crafted file.
34 CVE-2017-8352 772 DoS 2017-04-30 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadXWDImage function in xwd.c allows attackers to cause a denial of service (memory leak) via a crafted file.
35 CVE-2017-8351 772 DoS 2017-04-30 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadPCDImage function in pcd.c allows attackers to cause a denial of service (memory leak) via a crafted file.
36 CVE-2017-8350 772 DoS 2017-04-30 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadJNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
37 CVE-2017-8349 772 DoS 2017-04-30 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadSFWImage function in sfw.c allows attackers to cause a denial of service (memory leak) via a crafted file.
38 CVE-2017-8348 772 DoS 2017-04-30 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadMATImage function in mat.c allows attackers to cause a denial of service (memory leak) via a crafted file.
39 CVE-2017-8347 772 DoS 2017-04-30 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service (memory leak) via a crafted file.
40 CVE-2017-8346 772 DoS 2017-04-30 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadDCMImage function in dcm.c allows attackers to cause a denial of service (memory leak) via a crafted file.
41 CVE-2017-8345 772 DoS 2017-04-30 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadMNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
42 CVE-2017-8344 772 DoS 2017-04-30 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows attackers to cause a denial of service (memory leak) via a crafted file.
43 CVE-2017-8343 772 DoS 2017-04-30 2019-10-03
4.3
None Remote Medium Not required None None Partial
In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows attackers to cause a denial of service (memory leak) via a crafted file.
Total number of vulnerabilities : 43   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.