Shodan
Vulnerabilities
Vulnerable Software
Imagemagick:  >> Imagemagick  >> 7.0.0-0  Security Vulnerabilities
CVE-2017-12877
Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.
CVSS Score
6.5
EPSS Score
0.012
Published
2017-08-28
CVE-2017-13139
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.
CVSS Score
9.8
EPSS Score
0.011
Published
2017-08-23
CVE-2017-13140
In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c allows remote attackers to cause a denial of service (application hang in LockSemaphoreInfo) via a PNG file with a width equal to MAGICK_WIDTH_LIMIT.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-08-23
CVE-2017-13141
In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-08-23
CVE-2017-13142
In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.
CVSS Score
6.5
EPSS Score
0.003
Published
2017-08-23
CVE-2017-11524
The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file.
CVSS Score
6.5
EPSS Score
0.007
Published
2017-07-23
CVE-2017-11525
The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
CVSS Score
6.5
EPSS Score
0.012
Published
2017-07-23
CVE-2017-11522
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-07-22
CVE-2017-11523
The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered.
CVSS Score
6.5
EPSS Score
0.007
Published
2017-07-22
CVE-2017-11505
The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file.
CVSS Score
6.5
EPSS Score
0.002
Published
2017-07-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved