Shodan
Vulnerabilities
Vulnerable Software
Imagemagick:  >> Imagemagick  >> 5.4.2.3  Security Vulnerabilities
CVE-2017-11529
The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
CVSS Score
6.5
EPSS Score
0.005
Published
2017-07-23
CVE-2017-11530
The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-07-23
CVE-2017-11522
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-07-22
CVE-2017-11523
The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered.
CVSS Score
6.5
EPSS Score
0.007
Published
2017-07-22
CVE-2017-11505
The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-07-21
CVE-2017-11478
The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.
CVSS Score
6.5
EPSS Score
0.005
Published
2017-07-20
CVE-2017-11447
The ReadSCREENSHOTImage function in coders/screenshot.c in ImageMagick before 7.0.6-1 has memory leaks, causing denial of service.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-07-19
CVE-2017-11448
The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted file.
CVSS Score
6.5
EPSS Score
0.007
Published
2017-07-19
CVE-2017-11449
coders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an image received from stdin.
CVSS Score
8.8
EPSS Score
0.004
Published
2017-07-19
CVE-2017-11450
coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.
CVSS Score
8.8
EPSS Score
0.005
Published
2017-07-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved