U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:imagemagick:imagemagick:7.0.11-8:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 27 matching records.
Displaying matches 21 through 27.
Vuln ID Summary CVSS Severity
CVE-2017-5510

coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.

Published: March 24, 2017; 11:59:01 AM -0400 		V3.1: 7.8 HIGH
 V2.0: 6.8 MEDIUM
CVE-2017-5509

coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.

Published: March 24, 2017; 11:59:01 AM -0400 		V3.1: 7.8 HIGH
 V2.0: 6.8 MEDIUM
CVE-2017-5506

Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.

Published: March 24, 2017; 11:59:00 AM -0400 		V3.1: 7.8 HIGH
 V2.0: 6.8 MEDIUM
CVE-2016-10146

Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

Published: March 24, 2017; 11:59:00 AM -0400 		V3.0: 7.5 HIGH
 V2.0: 7.8 HIGH
CVE-2016-10145

Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.

Published: March 24, 2017; 11:59:00 AM -0400 		V3.0: 9.8 CRITICAL
 V2.0: 7.5 HIGH
CVE-2016-10144

coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.

Published: March 24, 2017; 11:59:00 AM -0400 		V3.0: 9.8 CRITICAL
 V2.0: 7.5 HIGH
CVE-2007-1667

Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow.

Published: March 24, 2007; 5:19:00 PM -0400 		V3.x:(not available)
 V2.0: 9.3 HIGH