Vulnerabilities
Vulnerable Software
Imagemagick:  Security Vulnerabilities
The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file.
CVSS Score
6.5
EPSS Score
0.029
Published
2017-09-01
In ImageMagick 7.0.6-10, a NULL Pointer Dereference issue is present in the ReadCUTImage function in coders/cut.c that could allow an attacker to cause a Denial of Service (in the QueueAuthenticPixelCacheNexus function within the MagickCore/cache.c file) by submitting a malformed image file.
CVSS Score
6.5
EPSS Score
0.016
Published
2017-08-31
Null Pointer Dereference in the IdentifyImage function in MagickCore/identify.c in ImageMagick through 7.0.6-10 allows an attacker to perform denial of service by sending a crafted image file.
CVSS Score
6.5
EPSS Score
0.021
Published
2017-08-30
The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick through 7.0.6-10 allows an attacker to cause a denial of service (buffer over-read) by sending a crafted JPEG file.
CVSS Score
6.5
EPSS Score
0.014
Published
2017-08-30
In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the TracePoint() function in MagickCore/draw.c.
CVSS Score
6.5
EPSS Score
0.02
Published
2017-08-29
The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (CPU consumption) via a crafted file.
CVSS Score
6.5
EPSS Score
0.024
Published
2017-08-29
Heap-based buffer overflow in enhance.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.
CVSS Score
6.5
EPSS Score
0.03
Published
2017-08-28
Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.
CVSS Score
6.5
EPSS Score
0.023
Published
2017-08-28
In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c.
CVSS Score
6.5
EPSS Score
0.013
Published
2017-08-24
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
CVSS Score
9.8
EPSS Score
0.038
Published
2017-08-23


Contact Us

Shodan ® - All rights reserved