Imagemagick >> Imagemagick: Security Vulnerabilities
ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
CVSS Score: 9.8
EPSS Score: 0.015
Published: 2017-10-05
ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.
CVSS Score: 7.5
EPSS Score: 0.017
Published: 2017-10-05
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.
CVSS Score: 8.8
EPSS Score: 0.02
Published: 2017-10-05
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c.
CVSS Score: 8.8
EPSS Score: 0.014
Published: 2017-10-05
ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c.
CVSS Score: 8.8
EPSS Score: 0.017
Published: 2017-10-05
A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a crafted font file, because the FT_Done_Glyph function (from FreeType 2) is called at an incorrect place in the ImageMagick code.
CVSS Score: 6.5
EPSS Score: 0.015
Published: 2017-10-03
The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service (NULL Pointer Dereference in DistortImage in MagickCore/distort.c, and application crash) via unspecified vectors.
CVSS Score: 7.5
EPSS Score: 0.03
Published: 2017-09-26
The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers to cause a denial of service (infinite loop) via a crafted font file.
CVSS Score: 6.5
EPSS Score: 0.014
Published: 2017-09-26
In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service (memory consumption in ResizeMagickMemory in MagickCore/memory.c) via a crafted file.
CVSS Score: 6.5
EPSS Score: 0.012
Published: 2017-09-22
GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted SVG document, a different vulnerability than CVE-2017-10928.
CVSS Score: 8.8
EPSS Score: 0.023
Published: 2017-09-21

