Graphicsmagick

Graphicsmagick

121 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2017-17498

  • EPSS 0.71%
  • Veröffentlicht 11.12.2017 02:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafte...

8.8

CVE-2017-17500

  • EPSS 2.19%
  • Veröffentlicht 11.12.2017 02:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file.

8.8

CVE-2017-17501

  • EPSS 2.19%
  • Veröffentlicht 11.12.2017 02:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file.

8.8

CVE-2017-17502

  • EPSS 0.95%
  • Veröffentlicht 11.12.2017 02:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file.

8.8

CVE-2017-17503

  • EPSS 0.95%
  • Veröffentlicht 11.12.2017 02:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.

8.8

CVE-2017-16669

Exploit
  • EPSS 1.13%
  • Veröffentlicht 09.11.2017 00:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in m...

8.8

CVE-2017-16547

  • EPSS 0.86%
  • Veröffentlicht 06.11.2017 05:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or ...

8.8

CVE-2017-16545

  • EPSS 0.66%
  • Veröffentlicht 05.11.2017 22:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have...

8.8

CVE-2017-16352

Exploit
  • EPSS 29.41%
  • Veröffentlicht 01.11.2017 15:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the DescribeImage() function of the magick/describe.c file. One possible way to trigger the vulnerability is to...

6.5

CVE-2017-16353

Exploit
  • EPSS 34.95%
  • Veröffentlicht 01.11.2017 15:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is ...