Shodan
Vulnerabilities
Vulnerable Software
Imagemagick:  >> Imagemagick  >> 6.9.6-4  Security Vulnerabilities
CVE-2017-5511
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.
CVSS Score
9.8
EPSS Score
0.014
Published
2017-03-24
CVE-2016-10144
coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.
CVSS Score
9.8
EPSS Score
0.008
Published
2017-03-24
CVE-2016-10145
Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.
CVSS Score
9.8
EPSS Score
0.009
Published
2017-03-24
CVE-2016-10146
Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.015
Published
2017-03-24
CVE-2017-5506
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
CVSS Score
7.8
EPSS Score
0.004
Published
2017-03-24
CVE-2016-10065
The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-03-03
CVE-2016-10062
The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVSS Score
5.5
EPSS Score
0.005
Published
2017-03-02
CVE-2016-9559
coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.
CVSS Score
6.5
EPSS Score
0.01
Published
2017-03-01
CVE-2016-8866
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862.
CVSS Score
8.8
EPSS Score
0.005
Published
2017-02-15
CVE-2016-6823
Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.
CVSS Score
7.5
EPSS Score
0.009
Published
2017-01-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved