Graphicsmagick

Graphicsmagick

121 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2017-9098

Exploit
  • EPSS 1.46%
  • Published 19.05.2017 19:29:00
  • Last modified 20.04.2025 01:37:25

ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a lon...

5.5

CVE-2017-6335

  • EPSS 0.48%
  • Published 14.03.2017 14:59:00
  • Last modified 20.04.2025 01:37:25

The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file.

5.5

CVE-2016-9830

  • EPSS 0.6%
  • Published 01.03.2017 20:59:00
  • Last modified 20.04.2025 01:37:25

The MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image.

5.5

CVE-2016-5240

  • EPSS 0.6%
  • Published 27.02.2017 22:59:00
  • Last modified 20.04.2025 01:37:25

The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a circularly defined SVG file.

7.5

CVE-2016-8682

  • EPSS 1.78%
  • Published 15.02.2017 19:59:00
  • Last modified 20.04.2025 01:37:25

The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header.

7.8

CVE-2016-8683

  • EPSS 0.29%
  • Published 15.02.2017 19:59:00
  • Last modified 20.04.2025 01:37:25

The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."

7.8

CVE-2016-8684

  • EPSS 1.43%
  • Published 15.02.2017 19:59:00
  • Last modified 20.04.2025 01:37:25

The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."

9.8

CVE-2016-7446

  • EPSS 2.02%
  • Published 06.02.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317.

9.8

CVE-2016-7447

  • EPSS 2.03%
  • Published 06.02.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors.

7.8

CVE-2016-7448

  • EPSS 4.16%
  • Published 06.02.2017 17:59:00
  • Last modified 20.04.2025 01:37:25

The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size.