Shodan
Vulnerabilities
Vulnerable Software
Imagemagick:  >> Imagemagick  >> 6.0  Security Vulnerabilities
CVE-2017-13144
In ImageMagick before 6.9.7-10, there is a crash (rather than a "width or height exceeds limit" error report) if the image dimensions are too large, as demonstrated by use of the mpc coder.
CVSS Score
6.5
EPSS Score
0.003
Published
2017-08-23
CVE-2017-13145
In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash.
CVSS Score
6.5
EPSS Score
0.013
Published
2017-08-23
CVE-2017-13146
In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.
CVSS Score
8.8
EPSS Score
0.005
Published
2017-08-23
CVE-2014-9827
coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.
CVSS Score
8.8
EPSS Score
0.004
Published
2017-08-07
CVE-2014-9828
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file.
CVSS Score
8.8
EPSS Score
0.005
Published
2017-08-07
CVE-2014-9830
coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file.
CVSS Score
8.8
EPSS Score
0.005
Published
2017-08-07
CVE-2014-9831
coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file.
CVSS Score
8.8
EPSS Score
0.005
Published
2017-08-07
CVE-2017-12427
The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a denial of service (memory leak) via a crafted file, related to the WriteMSLImage function.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-08-04
CVE-2016-7539
Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.029
Published
2017-07-25
CVE-2017-11524
The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-07-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved