ALT-PU-2015-1188-1
Package ImageMagick updated to version 6.9.0.6-alt1 for branch sisyphus in task 140601.
Closed vulnerabilities
Published: 2017-04-20
BDU:2017-01137
Уязвимость консольного графического редактора ImageMagick, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.1)
References:
Published: 2017-04-20
BDU:2017-01138
Уязвимость консольного графического редактора ImageMagick, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.3)
References:
Published: 2017-04-20
BDU:2017-01139
Уязвимость консольного графического редактора ImageMagick, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.3)
References:
Published: 2017-04-11
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2014-9837
coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.
Severity: MEDIUM (6.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26682
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26682
- [oss-security] 20160602 Re: ImageMagick CVEs
- [oss-security] 20160602 Re: ImageMagick CVEs
- https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=7a7119c6fe19324ee17b8f756dae60c16e470ab2
- https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=7a7119c6fe19324ee17b8f756dae60c16e470ab2
Published: 2017-02-28
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-8901
ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.
Severity: MEDIUM (6.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- http://trac.imagemagick.org/changeset/17854
- http://trac.imagemagick.org/changeset/17854
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931
- [oss-security] 20150226 Requesting CVE for ImageMagick DoS
- [oss-security] 20150226 Requesting CVE for ImageMagick DoS
- [oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS
- [oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS
- https://bugzilla.redhat.com/show_bug.cgi?id=1195265
- https://bugzilla.redhat.com/show_bug.cgi?id=1195265
Published: 2017-02-28
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-8902
The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.
Severity: MEDIUM (6.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- http://trac.imagemagick.org/changeset/17855
- http://trac.imagemagick.org/changeset/17855
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932
- [oss-security] 20150226 Requesting CVE for ImageMagick DoS
- [oss-security] 20150226 Requesting CVE for ImageMagick DoS
- [oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS
- [oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS
- https://bugzilla.redhat.com/show_bug.cgi?id=1195269
- https://bugzilla.redhat.com/show_bug.cgi?id=1195269
Published: 2017-02-28
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-8903
The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.
Severity: MEDIUM (6.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- http://trac.imagemagick.org/changeset/17856
- http://trac.imagemagick.org/changeset/17856
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26933
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26933
- [oss-security] 20150226 Requesting CVE for ImageMagick DoS
- [oss-security] 20150226 Requesting CVE for ImageMagick DoS
- [oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS
- [oss-security] 20160606 Re: Requesting CVE for ImageMagick DoS
- https://bugzilla.redhat.com/show_bug.cgi?id=1195271
- https://bugzilla.redhat.com/show_bug.cgi?id=1195271
Published: 2017-04-20
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-8957
Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.
Severity: MEDIUM (6.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26838
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26838
- [oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)
- [oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)
- 93125
- 93125
- https://bugzilla.redhat.com/show_bug.cgi?id=1378735
- https://bugzilla.redhat.com/show_bug.cgi?id=1378735
- https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4
- https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4
- https://github.com/ImageMagick/ImageMagick/commit/78f82d9d1c2944725a279acd573a22168dc6e22a
- https://github.com/ImageMagick/ImageMagick/commit/78f82d9d1c2944725a279acd573a22168dc6e22a
- https://github.com/ImageMagick/ImageMagick/commit/bd96074b254c6607a0f7731e59f923ad19d5a46d
- https://github.com/ImageMagick/ImageMagick/commit/bd96074b254c6607a0f7731e59f923ad19d5a46d
Published: 2017-04-20
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-8958
coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.
Severity: MEDIUM (6.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26857
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26857
- [oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)
- [oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)
- 93124
- 93124
- https://bugzilla.redhat.com/show_bug.cgi?id=1378736
- https://bugzilla.redhat.com/show_bug.cgi?id=1378736
- https://github.com/ImageMagick/ImageMagick/commit/1aa0c6dab6dcef4d9bc3571866ae1c1ddbec7d8f
- https://github.com/ImageMagick/ImageMagick/commit/1aa0c6dab6dcef4d9bc3571866ae1c1ddbec7d8f
- https://github.com/ImageMagick/ImageMagick/commit/6b4aff0f117b978502ee5bcd6e753c17aec5a961
- https://github.com/ImageMagick/ImageMagick/commit/6b4aff0f117b978502ee5bcd6e753c17aec5a961
- https://github.com/ImageMagick/ImageMagick/commit/8ea44b48a182dd46d018f4b4f09a5e2ee9638105
- https://github.com/ImageMagick/ImageMagick/commit/8ea44b48a182dd46d018f4b4f09a5e2ee9638105
- https://github.com/ImageMagick/ImageMagick/commit/b8f17d08b7418204bf8a05a5c24e87b2fc395b75
- https://github.com/ImageMagick/ImageMagick/commit/b8f17d08b7418204bf8a05a5c24e87b2fc395b75
Published: 2017-04-20
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-8959
coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.
Severity: MEDIUM (6.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26861
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26861
- [oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)
- [oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)
- 93230
- 93230
- https://bugzilla.redhat.com/show_bug.cgi?id=1378738
- https://bugzilla.redhat.com/show_bug.cgi?id=1378738
- https://github.com/ImageMagick/ImageMagick/commit/3ab016764c7f787829d9065440d86f5609765110
- https://github.com/ImageMagick/ImageMagick/commit/3ab016764c7f787829d9065440d86f5609765110
- https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4
- https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4
- https://github.com/ImageMagick/ImageMagick/commit/cc2a4d2ba5371d25c58763e4db2dbc1f4691c0f7
- https://github.com/ImageMagick/ImageMagick/commit/cc2a4d2ba5371d25c58763e4db2dbc1f4691c0f7