Imagemagick

Imagemagick

659 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.1

CVE-2006-3744

  • EPSS 2.06%
  • Veröffentlicht 25.08.2006 01:04:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows.

2.6

CVE-2006-4144

Exploit
  • EPSS 22.22%
  • Veröffentlicht 15.08.2006 23:04:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values...

7.5

CVE-2006-2440

  • EPSS 1.83%
  • Veröffentlicht 18.05.2006 10:02:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function.

5.1

CVE-2006-0082

Exploit
  • EPSS 3.88%
  • Veröffentlicht 04.01.2006 23:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric fo...

7.5

CVE-2005-4601

Exploit
  • EPSS 11.89%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command.

7.2

CVE-2005-3582

  • EPSS 0.06%
  • Veröffentlicht 16.11.2005 07:42:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

ImageMagick before 6.2.4.2-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime.

5

CVE-2005-1739

Exploit
  • EPSS 12.13%
  • Veröffentlicht 24.05.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask.

7.5

CVE-2005-0005

Exploit
  • EPSS 3.5%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.

7.5

CVE-2005-0397

  • EPSS 4.52%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filen...

5

CVE-2005-0760

  • EPSS 0.91%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file.