HIGH7.1
Уязвимость консольного графического редактора ImageMagick, позволяющая нарушителю вызвать отказ в обслуживании
CVSS 2.0ВЫСОКАЯ 7.1
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C
ALT-PU-2015-1188-2Обновление пакета ImageMagick в ветке sisyphus
Серьёзность:
Закрытые проблемы (12)
MEDIUM4.3
Уязвимость консольного графического редактора ImageMagick, позволяющая нарушителю вызвать отказ в обслуживании
CVSS 2.0СРЕДНЯЯ 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:PMEDIUM4.3
Уязвимость консольного графического редактора ImageMagick, позволяющая нарушителю вызвать отказ в обслуживании
CVSS 2.0СРЕДНЯЯ 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:PHIGH7.5
Уязвимость консольного графического редактора ImageMagick, позволяющая нарушителю оказать воздействие
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:PСсылки
CRITICAL9.8
ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files.
CVSS 2.0ВЫСОКАЯ 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:PCVSS 3.xКРИТИЧЕСКАЯ 9.8
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HСсылки
- http://www.openwall.com/lists/oss-security/2014/12/24/1
- http://www.openwall.com/lists/oss-security/2016/06/02/13
- https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=69490f5cffbda612e15a2985699455bb0b45e276
- https://bugzilla.redhat.com/show_bug.cgi?id=1343482
- http://www.openwall.com/lists/oss-security/2014/12/24/1
- http://www.openwall.com/lists/oss-security/2016/06/02/13
- https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=69490f5cffbda612e15a2985699455bb0b45e276
- https://bugzilla.redhat.com/show_bug.cgi?id=1343482
MEDIUM6.5
coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.
CVSS 2.0СРЕДНЯЯ 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:PCVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HСсылки
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26682
- http://www.openwall.com/lists/oss-security/2016/06/02/13
- https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=7a7119c6fe19324ee17b8f756dae60c16e470ab2
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26682
- http://www.openwall.com/lists/oss-security/2016/06/02/13
- https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=7a7119c6fe19324ee17b8f756dae60c16e470ab2
MEDIUM6.5
ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.
CVSS 2.0СРЕДНЯЯ 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:PCVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HСсылки
- http://trac.imagemagick.org/changeset/17854
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931
- http://www.openwall.com/lists/oss-security/2015/02/26/13
- http://www.openwall.com/lists/oss-security/2016/06/06/2
- https://bugzilla.redhat.com/show_bug.cgi?id=1195265
- http://trac.imagemagick.org/changeset/17854
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931
- http://www.openwall.com/lists/oss-security/2015/02/26/13
- http://www.openwall.com/lists/oss-security/2016/06/06/2
- https://bugzilla.redhat.com/show_bug.cgi?id=1195265
MEDIUM6.5
The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.
CVSS 2.0СРЕДНЯЯ 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:PCVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HСсылки
- http://trac.imagemagick.org/changeset/17855
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932
- http://www.openwall.com/lists/oss-security/2015/02/26/13
- http://www.openwall.com/lists/oss-security/2016/06/06/2
- https://bugzilla.redhat.com/show_bug.cgi?id=1195269
- http://trac.imagemagick.org/changeset/17855
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932
- http://www.openwall.com/lists/oss-security/2015/02/26/13
- http://www.openwall.com/lists/oss-security/2016/06/06/2
- https://bugzilla.redhat.com/show_bug.cgi?id=1195269
MEDIUM6.5
The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.
CVSS 2.0СРЕДНЯЯ 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:PCVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HСсылки
- http://trac.imagemagick.org/changeset/17856
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26933
- http://www.openwall.com/lists/oss-security/2015/02/26/13
- http://www.openwall.com/lists/oss-security/2016/06/06/2
- https://bugzilla.redhat.com/show_bug.cgi?id=1195271
- http://trac.imagemagick.org/changeset/17856
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26933
- http://www.openwall.com/lists/oss-security/2015/02/26/13
- http://www.openwall.com/lists/oss-security/2016/06/06/2
- https://bugzilla.redhat.com/show_bug.cgi?id=1195271
MEDIUM6.5
Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.
CVSS 2.0СРЕДНЯЯ 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:PCVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HСсылки
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26838
- http://www.openwall.com/lists/oss-security/2016/09/22/2
- http://www.securityfocus.com/bid/93125
- https://bugzilla.redhat.com/show_bug.cgi?id=1378735
- https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4
- https://github.com/ImageMagick/ImageMagick/commit/78f82d9d1c2944725a279acd573a22168dc6e22a
- https://github.com/ImageMagick/ImageMagick/commit/bd96074b254c6607a0f7731e59f923ad19d5a46d
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26838
- http://www.openwall.com/lists/oss-security/2016/09/22/2
- http://www.securityfocus.com/bid/93125
- https://bugzilla.redhat.com/show_bug.cgi?id=1378735
- https://github.com/ImageMagick/ImageMagick/commit/450bd716ed3b9186dd10f9e60f630a3d9eeea2a4
- https://github.com/ImageMagick/ImageMagick/commit/78f82d9d1c2944725a279acd573a22168dc6e22a
- https://github.com/ImageMagick/ImageMagick/commit/bd96074b254c6607a0f7731e59f923ad19d5a46d
MEDIUM6.5
coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.
CVSS 2.0СРЕДНЯЯ 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:PCVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HСсылки
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26857
- http://www.openwall.com/lists/oss-security/2016/09/22/2
- http://www.securityfocus.com/bid/93124
- https://bugzilla.redhat.com/show_bug.cgi?id=1378736
- https://github.com/ImageMagick/ImageMagick/commit/1aa0c6dab6dcef4d9bc3571866ae1c1ddbec7d8f
- https://github.com/ImageMagick/ImageMagick/commit/6b4aff0f117b978502ee5bcd6e753c17aec5a961
- https://github.com/ImageMagick/ImageMagick/commit/8ea44b48a182dd46d018f4b4f09a5e2ee9638105
- https://github.com/ImageMagick/ImageMagick/commit/b8f17d08b7418204bf8a05a5c24e87b2fc395b75
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26857
- http://www.openwall.com/lists/oss-security/2016/09/22/2
- http://www.securityfocus.com/bid/93124
- https://bugzilla.redhat.com/show_bug.cgi?id=1378736
- https://github.com/ImageMagick/ImageMagick/commit/1aa0c6dab6dcef4d9bc3571866ae1c1ddbec7d8f
- https://github.com/ImageMagick/ImageMagick/commit/6b4aff0f117b978502ee5bcd6e753c17aec5a961
- https://github.com/ImageMagick/ImageMagick/commit/8ea44b48a182dd46d018f4b4f09a5e2ee9638105
- https://github.com/ImageMagick/ImageMagick/commit/b8f17d08b7418204bf8a05a5c24e87b2fc395b75
MEDIUM6.5
coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.
CVSS 2.0ВЫСОКАЯ 7.1
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:CCVSS 3.xСРЕДНЯЯ 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HСсылки
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26861
- http://www.openwall.com/lists/oss-security/2016/09/22/2
- http://www.securityfocus.com/bid/93230
- https://bugzilla.redhat.com/show_bug.cgi?id=1378738
- https://github.com/ImageMagick/ImageMagick/commit/3ab016764c7f787829d9065440d86f5609765110
- https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4
- https://github.com/ImageMagick/ImageMagick/commit/cc2a4d2ba5371d25c58763e4db2dbc1f4691c0f7
- http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26861
- http://www.openwall.com/lists/oss-security/2016/09/22/2
- http://www.securityfocus.com/bid/93230
- https://bugzilla.redhat.com/show_bug.cgi?id=1378738
- https://github.com/ImageMagick/ImageMagick/commit/3ab016764c7f787829d9065440d86f5609765110
- https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4
- https://github.com/ImageMagick/ImageMagick/commit/cc2a4d2ba5371d25c58763e4db2dbc1f4691c0f7