Shodan
Vulnerabilities
Vulnerable Software
Imagemagick:  >> Imagemagick  >> 7.0.3-7  Security Vulnerabilities
CVE-2017-5508
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.
CVSS Score
5.5
EPSS Score
0.005
Published
2017-03-24
CVE-2017-5509
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-03-24
CVE-2017-5510
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-03-24
CVE-2017-5511
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.
CVSS Score
9.8
EPSS Score
0.014
Published
2017-03-24
CVE-2017-5506
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
CVSS Score
7.8
EPSS Score
0.004
Published
2017-03-24
CVE-2015-8894
Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-03-15
CVE-2015-8895
Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause a denial of service (application crash) via a crafted length value, which triggers a buffer overflow.
CVSS Score
7.5
EPSS Score
0.015
Published
2017-03-15
CVE-2015-8896
Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file.
CVSS Score
6.5
EPSS Score
0.005
Published
2017-03-15
CVE-2015-8900
The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-02-27
CVE-2016-8866
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862.
CVSS Score
8.8
EPSS Score
0.005
Published
2017-02-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved