- EPSS 97.49%
- Veröffentlicht 05.05.2016 18:59:03
- Zuletzt bearbeitet 21.04.2026 19:14:46
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "I...
CVE-2013-4298
- EPSS 4.69%
- Veröffentlicht 10.09.2013 19:55:11
- Zuletzt bearbeitet 29.04.2026 01:13:23
The ReadGIFImage function in coders/gif.c in ImageMagick before 6.7.8-8 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted comment in a GIF image.
CVE-2012-3437
- EPSS 2.75%
- Veröffentlicht 07.08.2012 21:55:02
- Zuletzt bearbeitet 16.06.2026 23:43:13
The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that trigger...
CVE-2012-1610
- EPSS 4.75%
- Veröffentlicht 05.06.2012 22:55:10
- Zuletzt bearbeitet 16.06.2026 23:39:51
Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component count for certain EXIF tags in a JPEG image. NOTE: th...
CVE-2012-1798
- EPSS 2.4%
- Veröffentlicht 05.06.2012 22:55:10
- Zuletzt bearbeitet 16.06.2026 23:40:19
The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.
CVE-2012-1185
- EPSS 29.68%
- Veröffentlicht 05.06.2012 22:55:09
- Zuletzt bearbeitet 16.06.2026 23:39:12
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the R...
CVE-2012-1186
- EPSS 1.88%
- Veröffentlicht 05.06.2012 22:55:09
- Zuletzt bearbeitet 16.06.2026 23:39:12
Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exis...
CVE-2012-0248
- EPSS 2.1%
- Veröffentlicht 05.06.2012 22:55:07
- Zuletzt bearbeitet 16.06.2026 23:36:59
ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF.
CVE-2012-0259
- EPSS 2.36%
- Veröffentlicht 05.06.2012 22:55:07
- Zuletzt bearbeitet 16.06.2026 23:37:00
The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-b...
CVE-2012-0260
- EPSS 2.36%
- Veröffentlicht 05.06.2012 22:55:07
- Zuletzt bearbeitet 16.06.2026 23:37:00
The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers.