) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:graphicsmagick:graphicsmagick:1.3.17
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2016-7997 |
The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer. Published: January 18, 2017; 12:59:01 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2016-7996 |
Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries. Published: January 18, 2017; 12:59:00 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2015-8808 |
The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file. Published: July 13, 2016; 11:59:00 AM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-5118 |
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename. Published: June 10, 2016; 11:59:06 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |
| CVE-2013-4589 |
The ExportAlphaQuantumType function in export.c in GraphicsMagick before 1.3.18 might allow remote attackers to cause a denial of service (crash) via vectors related to exporting the alpha of an 8-bit RGBA image. Published: November 23, 2013; 6:55:04 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |