Information Technology Laboratory
National Vulnerability Database
National Vulnerability Database
NVD
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2016-5010 |
coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file. Published: April 20, 2017; 2:59:00 PM -0400 |
V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2015-8959 |
coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file. Published: April 20, 2017; 2:59:00 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 7.1 HIGH |
| CVE-2015-8958 |
coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file. Published: April 20, 2017; 2:59:00 PM -0400 |
V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2015-8957 |
Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file. Published: April 20, 2017; 2:59:00 PM -0400 |
V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2014-9907 |
coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS file. Published: April 19, 2017; 10:59:00 AM -0400 |
V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2014-9837 |
coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file. Published: April 11, 2017; 3:59:00 PM -0400 |
V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2014-8716 |
The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash). Published: April 11, 2017; 3:59:00 PM -0400 |
V3.0: 6.2 MEDIUM V2.0: 2.1 LOW |
| CVE-2014-8562 |
DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read). Published: April 11, 2017; 3:59:00 PM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2014-8355 |
PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read). Published: April 11, 2017; 3:59:00 PM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2014-8354 |
The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. Published: April 11, 2017; 3:59:00 PM -0400 |
V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2017-5511 |
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow. Published: March 24, 2017; 11:59:01 AM -0400 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2017-5510 |
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. Published: March 24, 2017; 11:59:01 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2017-5509 |
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. Published: March 24, 2017; 11:59:01 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2017-5508 |
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file. Published: March 24, 2017; 11:59:01 AM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2017-5507 |
Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache. Published: March 24, 2017; 11:59:01 AM -0400 |
V3.1: 7.5 HIGH V2.0: 7.8 HIGH |
| CVE-2017-5506 |
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file. Published: March 24, 2017; 11:59:00 AM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2016-10146 |
Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors. Published: March 24, 2017; 11:59:00 AM -0400 |
V3.0: 7.5 HIGH V2.0: 7.8 HIGH |
| CVE-2016-10145 |
Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy. Published: March 24, 2017; 11:59:00 AM -0400 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2016-10144 |
coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check. Published: March 24, 2017; 11:59:00 AM -0400 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2016-10059 |
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file. Published: March 23, 2017; 1:59:00 PM -0400 |
V3.0: 7.8 HIGH V2.0: 6.8 MEDIUM |