Shodan
Vulnerabilities
Vulnerable Software
Imagemagick:  >> Imagemagick  >> 6.0  Security Vulnerabilities
CVE-2017-11449
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
CVSS Score
8.8
EPSS Score
0.004
Published
2017-07-19
CVE-2017-11450
coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.
CVSS Score
8.8
EPSS Score
0.005
Published
2017-07-19
CVE-2017-11352
In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144.
CVSS Score
6.5
EPSS Score
0.01
Published
2017-07-17
CVE-2017-9098
ImageMagick before 7.0.5-2 and GraphicsMagick before 1.3.24 use uninitialized memory in the RLE decoder, allowing an attacker to leak sensitive information from process memory space, as demonstrated by remote attacks against ImageMagick code in a long-running server process that converts image data on behalf of multiple users. This is caused by a missing initialization step in the ReadRLEImage function in coders/rle.c.
CVSS Score
7.5
EPSS Score
0.015
Published
2017-05-19
CVE-2016-7518
The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-04-20
CVE-2016-7520
Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted HDR file.
CVSS Score
6.5
EPSS Score
0.018
Published
2017-04-20
CVE-2016-7521
Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
CVSS Score
6.5
EPSS Score
0.018
Published
2017-04-20
CVE-2016-7525
Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
CVSS Score
6.5
EPSS Score
0.018
Published
2017-04-20
CVE-2016-7526
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.
CVSS Score
6.5
EPSS Score
0.027
Published
2017-04-20
CVE-2016-7527
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVSS Score
6.5
EPSS Score
0.01
Published
2017-04-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved