ALT-PU-2015-1188-2 — ImageMagick

BDU:2017-01137

HIGH7.1

Уязвимость консольного графического редактора ImageMagick, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2017-05-15Modified: 2021-03-23

CVSS 2.0HIGH 7.1

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C

References

BDU:2017-01138

MEDIUM4.3

Уязвимость консольного графического редактора ImageMagick, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2017-05-15Modified: 2021-03-23

CVSS 2.0MEDIUM 4.3

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P

References

BDU:2017-01139

MEDIUM4.3

Уязвимость консольного графического редактора ImageMagick, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2017-05-15Modified: 2021-03-23

CVSS 2.0MEDIUM 4.3

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P

References

BDU:2017-01572

HIGH7.5

Уязвимость консольного графического редактора ImageMagick, позволяющая нарушителю оказать воздействие

Published: 2017-06-30Modified: 2021-03-23

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

References

CVE-2014-9826

CVE-2014-9826

CRITICAL9.8

ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files.

Published: 2017-03-30Modified: 2025-04-20

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2014-9837

MEDIUM6.5

coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.

Published: 2017-04-11Modified: 2025-04-20

CVSS 2.0MEDIUM 4.3

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

CVE-2015-8901

MEDIUM6.5

ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.

Published: 2017-02-27Modified: 2025-04-20

CVSS 2.0MEDIUM 4.3

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

CVE-2015-8902

MEDIUM6.5

The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.

Published: 2017-02-27Modified: 2025-04-20

CVSS 2.0MEDIUM 4.3

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

CVE-2015-8903

MEDIUM6.5

The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.

Published: 2017-02-27Modified: 2025-04-20

CVSS 2.0MEDIUM 4.3

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

CVE-2015-8957

MEDIUM6.5

Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.

Published: 2017-04-20Modified: 2025-04-20

CVSS 2.0MEDIUM 4.3

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

CVE-2015-8958

MEDIUM6.5

coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.

Published: 2017-04-20Modified: 2025-04-20

CVSS 2.0MEDIUM 4.3

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

CVE-2015-8959

MEDIUM6.5

coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.

Published: 2017-04-20Modified: 2025-04-20

CVSS 2.0HIGH 7.1

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

Package update ImageMagick in branch sisyphus

Closed issues (12)

Уязвимость консольного графического редактора ImageMagick, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость консольного графического редактора ImageMagick, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость консольного графического редактора ImageMagick, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость консольного графического редактора ImageMagick, позволяющая нарушителю оказать воздействие

ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files.

coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.

ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.

The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.

The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.

Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.

coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.

coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.