CVE-2016-7449
- EPSS 3.49%
- Veröffentlicht 06.02.2017 17:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.
CVE-2016-7800
- EPSS 3.85%
- Veröffentlicht 06.02.2017 17:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.
CVE-2016-9532
- EPSS 1.98%
- Veröffentlicht 06.02.2017 17:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Integer overflow in the writeBufferToSeparateStrips function in tiffcrop.c in LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tif file.
CVE-2016-10165
- EPSS 2.77%
- Veröffentlicht 03.02.2017 19:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
CVE-2016-2317
- EPSS 1.99%
- Veröffentlicht 03.02.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTr...
CVE-2016-2318
- EPSS 1.88%
- Veröffentlicht 03.02.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath...
CVE-2016-4570
- EPSS 1.59%
- Veröffentlicht 03.02.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file.
CVE-2016-4571
- EPSS 1.59%
- Veröffentlicht 03.02.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file.
CVE-2016-5241
- EPSS 1.55%
- Veröffentlicht 03.02.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via a crafted svg file.
CVE-2016-9963
- EPSS 3.1%
- Veröffentlicht 01.02.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.