Shodan
Vulnerabilities
Vulnerable Software
Imagemagick:  Security Vulnerabilities
CVE-2016-8678
The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says "This is a Q64 issue and we do not support Q64."
CVSS Score
5.5
EPSS Score
0.002
Published
2017-02-15
CVE-2016-8866
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862.
CVSS Score
8.8
EPSS Score
0.007
Published
2017-02-15
CVE-2016-8862
The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick before 7.0.3.3 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.
CVSS Score
8.8
EPSS Score
0.008
Published
2017-02-15
CVE-2016-9298
Heap overflow in the WaveletDenoiseImage function in MagickCore/fx.c in ImageMagick before 6.9.6-4 and 7.x before 7.0.3-6 allows remote attackers to cause a denial of service (crash) via a crafted image.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-01-27
CVE-2016-6823
Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.
CVSS Score
7.5
EPSS Score
0.009
Published
2017-01-18
CVE-2016-7101
The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.
CVSS Score
6.5
EPSS Score
0.005
Published
2017-01-18
CVE-2016-7799
MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
CVSS Score
6.5
EPSS Score
0.013
Published
2017-01-18
CVE-2016-7906
magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file.
CVSS Score
5.5
EPSS Score
0.005
Published
2017-01-18
CVE-2016-8707
An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality.
CVSS Score
7.5
EPSS Score
0.02
Published
2016-12-23
CVE-2016-6520
Buffer overflow in MagickCore/enhance.c in ImageMagick before 7.0.2-7 allows remote attackers to have unspecified impact via vectors related to pixel cache morphology.
CVSS Score
9.1
EPSS Score
0.01
Published
2016-12-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved