Search Results (Refine Search)
- CPE Product Version: cpe:/a:imagemagick:imagemagick:7.0.8-11:q16
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-16413 |
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function. Published: September 03, 2018; 3:29:01 PM -0400 |
V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2018-16412 |
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function. Published: September 03, 2018; 3:29:01 PM -0400 |
V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2018-15607 |
In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. Published: August 21, 2018; 11:29:00 AM -0400 |
V3.0: 6.5 MEDIUM V2.0: 7.1 HIGH |