Shodan
Vulnerabilities
Vulnerable Software
Graphicsmagick:  >> Graphicsmagick  Security Vulnerabilities
CVE-2017-14103
The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-11403.
CVSS Score
8.8
EPSS Score
0.028
Published
2017-09-01
CVE-2017-14042
A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of service in the MagickRealloc function in magick/memory.c.
CVSS Score
6.5
EPSS Score
0.007
Published
2017-08-30
CVE-2017-13775
GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the requests.
CVSS Score
6.5
EPSS Score
0.021
Published
2017-08-30
CVE-2017-13776
GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it.
CVSS Score
6.5
EPSS Score
0.011
Published
2017-08-30
CVE-2017-13777
GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version==10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it.
CVSS Score
6.5
EPSS Score
0.011
Published
2017-08-30
CVE-2017-13736
There are lots of memory leaks in the GMCommand function in magick/command.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.
CVSS Score
6.5
EPSS Score
0.007
Published
2017-08-29
CVE-2017-13737
There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.
CVSS Score
6.5
EPSS Score
0.018
Published
2017-08-29
CVE-2017-13648
In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-08-23
CVE-2017-13147
In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value.
CVSS Score
8.8
EPSS Score
0.002
Published
2017-08-23
CVE-2017-13063
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12.
CVSS Score
6.5
EPSS Score
0.015
Published
2017-08-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved