Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file. (CVE-2017-18273) - In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. (CVE-2017-18271) - In ImageMagick 7.0.7-16 Q16 x86_64, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call. (CVE-2017-18254) - In ImageMagick 7.0.7-16 Q16 x86_64, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file. (CVE-2017-18252) - An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file. (CVE-2017-18251) - An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file.
(CVE-2017-12806) - An issue was discovered in ImageMagick 7.0.7. (CVE-2017-12805) - In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service.
(CVE-2017-11166) - In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service. (CVE-2017-1000476) - The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file.
ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1497 advisory. Description The version of tested product installed on the remote host is prior to tested version. Synopsis The remote Amazon Linux 2 host is missing a security update.
0 kommentar(er)
