Imagemagick: >> Imagemagick >> 7.0.7-22 Security Vulnerabilities
A stack-based buffer over-read in the ComputeResizeImage function in the MagickCore/accelerate.c file of ImageMagick 7.0.7-22 allows a remote attacker to cause a denial of service (application crash) via a maliciously crafted pict file.
CVSS Score
6.5
EPSS Score
0.006
Published
2018-02-13
The OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image.
CVSS Score
6.5
EPSS Score
0.005
Published
2018-02-09
In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.
CVSS Score
6.5
EPSS Score
0.01
Published
2018-01-30
ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c.
CVSS Score
6.5
EPSS Score
0.007
Published
2018-01-12
ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c.
CVSS Score
6.5
EPSS Score
0.004
Published
2018-01-12
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
CVSS Score
7.8
EPSS Score
0.004
Published
2017-03-24
Page 18