) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:graphicsmagick:graphicsmagick:1.3.26
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2017-11636 |
GraphicsMagick 1.3.26 has a heap overflow in the WriteRGBImage() function in coders/rgb.c when processing multiple frames that have non-identical widths. Published: July 26, 2017; 4:29:00 AM -0400 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2017-11403 |
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file. Published: July 17, 2017; 8:29:00 PM -0400 |
V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2017-11140 |
The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files. Published: July 09, 2017; 11:29:00 PM -0400 |
V3.0: 5.5 MEDIUM V2.0: 7.1 HIGH |
| CVE-2017-11139 |
GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c. Published: July 09, 2017; 11:29:00 PM -0400 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2017-11102 |
The ReadOneJNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (application crash) during JNG reading via a zero-length color_image data structure. Published: July 07, 2017; 2:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |