Shodan
Vulnerabilities
Vulnerable Software
Imagemagick:  >> Imagemagick  >> 7.0.6-1  Security Vulnerabilities
CVE-2017-11540
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the GetPixelIndex() function, called from the WritePICONImage function in coders/xpm.c.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-07-23
CVE-2017-11522
The WriteOnePNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-07-22
CVE-2017-11523
The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered.
CVSS Score
6.5
EPSS Score
0.007
Published
2017-07-22
CVE-2017-11505
The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file.
CVSS Score
6.5
EPSS Score
0.002
Published
2017-07-21
CVE-2017-11478
The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.
CVSS Score
6.5
EPSS Score
0.005
Published
2017-07-20
CVE-2017-11446
The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an infinite loop vulnerability that can cause CPU exhaustion via a crafted PES file.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-07-19
CVE-2017-11360
The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability via a crafted rle file that triggers a huge number_pixels value.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-07-17
CVE-2017-11310
The read_user_chunk_callback function in coders\png.c in ImageMagick 7.0.6-1 Q16 2017-06-21 (beta) has memory leak vulnerabilities via crafted PNG files.
CVSS Score
8.8
EPSS Score
0.004
Published
2017-07-13
CVE-2017-5506
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
CVSS Score
7.8
EPSS Score
0.004
Published
2017-03-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved