Download
| Alert*
oval:org.secpod.oval:def:34292
Apple Mac OS X Server 10.9 (Maverick) is installed oval:org.secpod.oval:def:34299 Apple Mac OS X Server 10.10 (Yosemite) is installed oval:org.secpod.oval:def:34298 Apple Mac OS X Server 10.11 (el capitan) is installed oval:org.secpod.oval:def:2001303 In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:2001402 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteJP2Image function in coders/jp2.c. oval:org.secpod.oval:def:2000865 The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866. oval:org.secpod.oval:def:2000752 In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPGXImage in coders/pgx.c, which allows attackers to cause a denial of service via a crafted PGX image file. oval:org.secpod.oval:def:2000104 An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore . oval:org.secpod.oval:def:51861 imagemagick: Image manipulation programs and library Details: USN-3363-1 fixed vulnerabilities in ImageMagick. The update caused a regression for certain users when processing images. The problematic patch has been reverted pending further investigation. We apologize for the inconvenience. Original ... oval:org.secpod.oval:def:51727 imagemagick: Image manipulation programs and library Details: USN-3142-1 fixed vulnerabilities in ImageMagick. The security fixes introduced a regression with text labels and a regression with the text coder. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-31 ... oval:org.secpod.oval:def:117123 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:9 ImageMagick is installed oval:org.secpod.oval:def:201821 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the ImageMagick routine responsible for creating X11 images. An attacker could create a specia ... oval:org.secpod.oval:def:201916 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the ImageMagick routine responsible for creating X11 images. An attacker could create a specia ... oval:org.secpod.oval:def:500379 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the ImageMagick routine responsible for creating X11 images. An attacker could create a specia ... oval:org.secpod.oval:def:34297 Apple Mac OS X 10.11 (el capitan) is installed oval:org.secpod.oval:def:2001380 ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteCALSImage in coders/cals.c. oval:org.secpod.oval:def:2000143 ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases, as demonstrated by VP8 errors. oval:org.secpod.oval:def:2001042 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the lite_font_map function in coders/wmf.c. oval:org.secpod.oval:def:700977 imagemagick: Image manipulation programs and library ImageMagick could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:400810 ImageMagick was updated to fix 66 security issues. These security issues were fixed: - CVE-2014-9810: SEGV in dpx file handler. - CVE-2014-9811: Crash in xwd file handler . - CVE-2014-9812: NULL pointer dereference in ps file handling . - CVE-2014-9813: Crash on corrupted viff file . - CVE-2014-9814 ... oval:org.secpod.oval:def:2001163 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage function in coders/mpc.c. oval:org.secpod.oval:def:602625 This updates fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed SIXEL, PDB, MAP, SGI, TIFF and CALS files are processed. oval:org.secpod.oval:def:602462 Several vulnerabilities were discovered in Imagemagick, a program suite for image manipulation. This update fixes a large number of potential security problems such as null-pointer access and buffer-overflows that might lead to memory leaks or denial of service. Any of these security problems have a ... oval:org.secpod.oval:def:2000483 ReadWEBPImage in coders/webp.c in ImageMagick 7.0.6-5 has an issue where memory allocation is excessive because it depends only on a length field in a header. oval:org.secpod.oval:def:1601277 A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw ... oval:org.secpod.oval:def:2001351 The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service via a crafted file. NOTE: the vendor says "This is a Q64 issue and we do not support Q64." oval:org.secpod.oval:def:1800675 imagemagick is installed oval:org.secpod.oval:def:2001511 In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMVGImage in coders/mvg.c, which allows attackers to cause a denial of service, related to the function ReadSVGImage in svg.c. oval:org.secpod.oval:def:2000742 In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c. oval:org.secpod.oval:def:2000513 In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service. oval:org.secpod.oval:def:2001017 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteHISTOGRAMImage function in coders/histogram.c. oval:org.secpod.oval:def:2000275 ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMSLImage in coders/msl.c. oval:org.secpod.oval:def:2000490 ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePCXImage in coders/pcx.c. oval:org.secpod.oval:def:2001232 In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBP_DECODER_ABI_VERSION check. oval:org.secpod.oval:def:2001339 ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMATImage in coders\mat.c. oval:org.secpod.oval:def:2001207 In ImageMagick 7.0.6-3, a missing check for multidimensional data was found in coders/mat.c, leading to a memory leak in the function ReadImage in MagickCore/constitute.c, which allows attackers to cause a denial of service. oval:org.secpod.oval:def:2001294 In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c. oval:org.secpod.oval:def:89045177 This update for ImageMagick fixes the following issues: - Memory allocation failure in AcquireMagickMemory [bsc#1007245] - update incomplete patch of CVE-2016-6823 [bsc#1001066] oval:org.secpod.oval:def:2000712 In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service. oval:org.secpod.oval:def:2000990 In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service. oval:org.secpod.oval:def:2001035 In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service. oval:org.secpod.oval:def:2001039 In ImageMagick 7.0.6-3, a memory leak vulnerability was found in the function ReadOneJNGImage in coders/png.c, which allows attackers to cause a denial of service. oval:org.secpod.oval:def:2000709 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage function in coders/png.c. oval:org.secpod.oval:def:2000301 An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:106847 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:109864 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:36268 The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to execute arb ... oval:org.secpod.oval:def:36265 The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to cause a sys ... oval:org.secpod.oval:def:36264 The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to discl ... oval:org.secpod.oval:def:1600187 A buffer overflow flaw was found in the way ImageMagick handled PSD images that use RLE encoding. An attacker could create a malicious PSD image file that, when opened in ImageMagick, would cause ImageMagick to crash or, potentially, execute arbitrary code with the privileges of the user running Ima ... oval:org.secpod.oval:def:701980 imagemagick is installed oval:org.secpod.oval:def:89044944 This update for ImageMagick fixes the following issues: Security issues fixed: * CVE-2017-15033: A denial of service attack was fixed in ReadYUVImage in coders/yuv.c [bsc#1061873] * CVE-2017-11446: An infinite loop in ReadPESImage was fixed. * CVE-2017-12433: A memory leak in ReadPESImage in coder ... oval:org.secpod.oval:def:600750 Two security vulnerabilities related to EXIF processing were discovered in ImageMagick, a suite of programs to manipulate images: CVE-2012-0247 When parsing a maliciously crafted image with incorrect offset and count in the ResolutionUnit tag in EXIF IFD0, ImageMagick writes two bytes to an invalid ... oval:org.secpod.oval:def:89002188 This update for ImageMagick fixes the following issues: - CVE-2017-14997: GraphicsMagick allowed remote attackers to cause a denial of service because of an integer underflow in ReadPICTImage in coders/pict.c. [bsc#1112399] - CVE-2018-16644: An regression in the security fix for the pict coder was ... oval:org.secpod.oval:def:89044612 This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2017-6502: Possible file-descriptor leak in libmagickcore that could be triggered via a specially crafted webp file . - CVE-2017-7943: The ReadSVGImage function in svg.c allowed remote attackers to consume an amount ... oval:org.secpod.oval:def:38119 ImageMagick subpackages are installed oval:org.secpod.oval:def:203143 ImageMagick is installed oval:org.secpod.oval:def:89044874 This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2017-9439: A memory leak was found in the function ReadPDBImage incoders/pdb.c - CVE-2017-9440: A memory leak was found in the function ReadPSDChannelin coders/psd.c - CVE-2017-9501: An assertion failure could cau ... oval:org.secpod.oval:def:601336 imagemagick is installed oval:org.secpod.oval:def:601257 Several buffer overflows were found in Imagemagick, a suite of image manipulation programs. Processing malformed PSD files could lead to the execution of arbitrary code. oval:org.secpod.oval:def:89044688 This update for ImageMagick fixes the following issues: - CVE-2016-10046: Prevent buffer overflow in draw.c caused by an incorrect length calculation - CVE-2016-10048: Arbitrary module could have been load because relative path were not escaped - CVE-2016-10049: Corrupt RLE files could have overfl ... oval:org.secpod.oval:def:89044683 This update for ImageMagick fixes the following issues: * CVE-2017-14989: use-after-free in RenderFreetype in MagickCore/annotate.c could lead to denial of service [bsc#1061254] * CVE-2017-14682: GetNextToken in MagickCore/token.c heap buffer overflow could lead to denial of service [bsc#1060176] * ... oval:org.secpod.oval:def:202332 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that ... oval:org.secpod.oval:def:601099 Anton Kortunov reported a heap corruption in ImageMagick, a program collection and library for converting and manipulating image files. Crafted GIF files could cause ImageMagick to crash, potentially leading to arbitrary code execution. The oldstable distribution is not affected by this problem. oval:org.secpod.oval:def:117563 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:89049745 This update for ImageMagick fixes the following security issues: - CVE-2018-16413: Prevent heap-based buffer over-read in the PushShortPixel function leading to DoS - CVE-2018-16329: Prevent NULL pointer dereference in the GetMagickProperty function leading to DoS . - CVE-2018-16328: Prevent NULL p ... oval:org.secpod.oval:def:34301 The host is installed with Adobe Flash Player before 18.0.0.352 or 19.x through 21.x before 21.0.0.242 or Adobe AIR before 21.0.0.215 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation could allow at ... oval:org.secpod.oval:def:2004108 In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image. oval:org.secpod.oval:def:89045385 This update for ImageMagick fixes the following issues: * CVE-2016-9556 Possible Heap-overflow found by fuzzing [bsc#1011130] * CVE-2016-9559 Possible Null pointer access found by fuzzing [bsc#1011136] * CVE-2016-8707 Possible code execution in Tiff conver utility [bsc#1014159] * CVE-2016-8866 Memor ... oval:org.secpod.oval:def:400690 This update for ImageMagick fixes the following issues: Security issues fixed: - Several coders were vulnerable to remote code execution attacks, these coders have now been disabled by default but can be re-enabled by editing "/etc/ImageMagick-*/policy.xml" - CVE-2016-3714: Insufficient s ... oval:org.secpod.oval:def:203928 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix: * It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a s ... oval:org.secpod.oval:def:700851 imagemagick: Image manipulation programs and library ImageMagick could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:600793 The initial update introduced a regression, which could lead to errors when processing some JPEG files. oval:org.secpod.oval:def:600791 Several integer overflows and missing input validations were discovered in the ImageMagick image manipulation suite, resulting in the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:70131 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:125223 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:125232 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:2000452 ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImage in coders/inline.c. oval:org.secpod.oval:def:2000342 ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadOneJNGImage in coders\png.c. oval:org.secpod.oval:def:2000579 The ReadMAGICKImage function in coders/magick.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:2000671 ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage in coders/palm.c. oval:org.secpod.oval:def:2000413 The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:2000896 The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 allows attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:2000759 The ReadMATImage function in coders/mat.c in ImageMagick through 6.9.9-3 and 7.x through 7.0.6-3 has memory leaks involving the quantum_info and clone_info data structures. oval:org.secpod.oval:def:2001395 ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage in coders/map.c. oval:org.secpod.oval:def:2001155 ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/pdf.c. oval:org.secpod.oval:def:2000060 The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service via a crafted file that is mishandled in an OpenPixelCache call. oval:org.secpod.oval:def:2001587 The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service via a crafted file that is mishandled in an AcquireSemaphoreInfo call. oval:org.secpod.oval:def:2001474 ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMPCImage in coders\mpc.c. oval:org.secpod.oval:def:2000232 ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePICTImage in coders/pict.c. oval:org.secpod.oval:def:2001452 When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadMATImage function in coders/mat.c. oval:org.secpod.oval:def:2001090 The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a denial of service via a crafted file, related to the WriteMSLImage function. oval:org.secpod.oval:def:113329 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:113337 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:113479 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:113497 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:114147 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:114222 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:34300 The host is installed with Adobe Flash Player before 18.0.0.352 or 19.x through 21.x before 21.0.0.242 or Adobe AIR before 21.0.0.215 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation could allow atta ... oval:org.secpod.oval:def:3300350 SUSE Security Update: Security update for ImageMagick oval:org.secpod.oval:def:124204 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:89047636 This update for ImageMagick fixes the following issues: - CVE-2022-3213: Fixed heap buffer overflow when processing a malformed TIFF file . oval:org.secpod.oval:def:202335 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that ... oval:org.secpod.oval:def:203926 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix: * It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a s ... oval:org.secpod.oval:def:203951 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix: * It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially cra ... oval:org.secpod.oval:def:400720 This update for ImageMagick fixes the following issues: This security issue was fixed: - CVE-2016-5118: Prevent code execution via popen This non-security issue was fixed: - Fix encoding of /Title in generated PDFs oval:org.secpod.oval:def:203947 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix: * It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially cra ... oval:org.secpod.oval:def:89049660 This update for ImageMagick fixes the following issues: - Allow writing PS, PS2, PS3, XPS, EPS and PDF, disable reading these filetypes only by default security policy oval:org.secpod.oval:def:89049688 This update for ImageMagick fixes the following issues: Security issue fixed: - Disable PS, PS2, PS3, XPS and PDF coders in default policy.xml oval:org.secpod.oval:def:89050298 This update for ImageMagick fixes the following issues: Security issue fixed: - CVE-2019-19948: Fixed a heap-based buffer overflow in WriteSGIImage . - CVE-2019-19949: Fixed a heap-based buffer over-read in WritePNGImage . Non-security issue fixed: - Fixed an issue where converting tiff to png would ... oval:org.secpod.oval:def:89050318 This update for ImageMagick fixes the following issues: - CVE-2020-27560: Fixed potential denial of service in OptimizeLayerFrames function in MagickCore/layer.c . - Fixed greyish image produced by incorrect colorspace . oval:org.secpod.oval:def:89050367 This update for ImageMagick fixes the following issues: - CVE-2020-27560: Fixed potential denial of service in OptimizeLayerFrames function in MagickCore/layer.c . oval:org.secpod.oval:def:1507044 [6.9.10.68-7] - Added fix for CVE-2021-40211 oval:org.secpod.oval:def:1701587 An issue was discovered with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c oval:org.secpod.oval:def:1701582 An issue was discovered with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c oval:org.secpod.oval:def:89050580 This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2019-7175: Fixed multiple memory leaks in DecodeImage function . - CVE-2018-18544: Fixed a memory leak in the function WriteMSLImage . - CVE-2018-20467: Fixed an infinite loop in coders/bmp.c . - CVE-2019-7398: Fixe ... oval:org.secpod.oval:def:89050701 This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2019-9956: Fixed a stack-based buffer overflow in PopHexPixel . - CVE-2019-10650: Fixed a heap-based buffer over-read in WriteTIFFImage . - CVE-2019-11007: Fixed a heap-based buffer overflow in ReadMNGImage . - CVE- ... oval:org.secpod.oval:def:89050770 This update for ImageMagick fixes the following issues: - CVE-2019-13301: Fixed a memory leak in AcquireMagickMemory . - CVE-2019-13309: Fixed a memory leak at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages . - CVE-2019-13310: Fixed a memory leak at AcquireMagi ... oval:org.secpod.oval:def:89050795 This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2019-15139: Fixed a denial-of-service vulnerability in ReadXWDImage . - CVE-2019-15140: Fixed a use-after-free bug in the Matlab image parser . - CVE-2019-15141: Fixed a divide-by-zero vulnerability in the MeanShift ... oval:org.secpod.oval:def:89050891 This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2019-11597: Fixed a heap-based buffer over-read in the WriteTIFFImage . - Fixed a file content disclosure via SVG and WMF decoding . oval:org.secpod.oval:def:89050920 This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2019-11472: Fixed a denial-of-service in ReadXWDImage . - CVE-2019-11470: Fixed a denial-of-service in ReadCINImage . - CVE-2019-11506: Fixed a heap-based buffer overflow in the WriteMATLABImage . - CVE-2019-11505: ... oval:org.secpod.oval:def:1701640 A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt and uses the value directly, which leads to a crash and segmentation fault oval:org.secpod.oval:def:1501499 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix: * It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially cra ... oval:org.secpod.oval:def:1501498 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix: * It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially cra ... oval:org.secpod.oval:def:501837 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix: * It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially cra ... oval:org.secpod.oval:def:35563 The host is installed with RHEL 6 or 7 and is prone to a command injection vulnerability. A flaw is present in the application, which fails to properly sanitize certain input before passing it to the gnuplot delegate functionality. Successful exploitation could allow attackers to execute arbitrary c ... oval:org.secpod.oval:def:1600419 It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arb ... oval:org.secpod.oval:def:1800851 CVE-2016-5010: Out-of-bounds read when processing crafted tiff file. Fixed In Version: ImageMagick 6.9.5-3 oval:org.secpod.oval:def:500727 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. It was found that ImageMagick utilities tried to load ImageMagick configuration files from the current working directory. If a user ran an ImageMagick utility in an attacker- ... oval:org.secpod.oval:def:1503894 Updated ImageMagick packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are av ... oval:org.secpod.oval:def:500795 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that ... oval:org.secpod.oval:def:500796 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that ... oval:org.secpod.oval:def:205842 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix: * ImageMagick: Shell injection via PDF password could result in arbitrary code execution For more details about the security issue, including the impact, a CVS ... oval:org.secpod.oval:def:89049116 This update for ImageMagick fixes the following issues: * CVE-2023-3195: Fixed stack overflow in coders/tiff.c while parsing malicious tiff file . oval:org.secpod.oval:def:1900036 ImageMagick 7.0.7-28 has a memory leak vulnerability in ReadBGRImage in coders/bgr.c. oval:org.secpod.oval:def:2000600 ImageMagick 7.0.7-28 has a memory leak vulnerability in ReadBGRImage in coders/bgr.c. oval:org.secpod.oval:def:602815 This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed TGA, Sun or PSD files are processed. This update also fixes visual artefacts ... oval:org.secpod.oval:def:51576 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:36263 The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to execute arb ... oval:org.secpod.oval:def:36262 The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to execute arb ... oval:org.secpod.oval:def:36261 The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to execute arb ... oval:org.secpod.oval:def:36260 The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to execute arb ... oval:org.secpod.oval:def:36269 The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a cross-protocol cross-site scripting vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attack ... oval:org.secpod.oval:def:36267 The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a cross-protocol cross-site scripting vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attack ... oval:org.secpod.oval:def:36266 The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to compr ... oval:org.secpod.oval:def:36259 The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to execute arb ... oval:org.secpod.oval:def:36258 The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to an user interface spoofing vulnerability. A flaw is present in the application, which improperly validates security origins. Successful exploitation could allow attackers to us ... oval:org.secpod.oval:def:36257 The host is installed with Apple Safari before 9.1.2 on Apple Mac OS X 10.11 or Apple Mac OS X Server 10.11 and is prone to an information disclosure vulnerability. A flaw is present in the application, which improperly processes of SVG. Successful exploitation could allow attackers to disclose imag ... oval:org.secpod.oval:def:51670 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:501819 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix: * It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a s ... oval:org.secpod.oval:def:51681 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:602503 Nikolay Ermishkin from the Mail.Ru Security Team and Stewie discovered several vulnerabilities in ImageMagick, a program suite for image manipulation. These vulnerabilities, collectively known as ImageTragick, are the consequence of lack of sanitization of untrusted input. An attacker with control o ... oval:org.secpod.oval:def:51738 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:1501459 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix: * It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a s ... oval:org.secpod.oval:def:1501458 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix: * It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a s ... oval:org.secpod.oval:def:602521 Bob Friesenhahn from the GraphicsMagick project discovered a command injection vulnerability in ImageMagick, a program suite for image manipulation. An attacker with control on input image or the input filename can execute arbitrary commands with the privileges of the user running the application. T ... oval:org.secpod.oval:def:51747 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:36270 The host is missing a security update according to Apple advisory APPLE-SA-2016-07-18-5. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted website. Successful exploitation allows attackers to crash the service, disclose th ... oval:org.secpod.oval:def:602787 This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed TIFF, WPG, IPL, MPC or PSB files are processed. oval:org.secpod.oval:def:703146 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:602685 Several issues have been discovered in ImageMagick, a popular set of programs and libraries for image manipulation. These issues include several problems in memory handling that can result in a denial of service attack or in execution of arbitrary code by an attacker with control on the image input. oval:org.secpod.oval:def:703379 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:602594 This updates fixes many vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed TIFF, WPG, RLE, RAW, PSD, Sun, PICT, VIFF, HDR, Meta, Quantum, PDB, DDS, DCM, E ... oval:org.secpod.oval:def:703483 imagemagick: Image manipulation programs and library Details: USN-3142-1 fixed vulnerabilities in ImageMagick. The security fixes introduced a regression with text labels and a regression with the text coder. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-31 ... oval:org.secpod.oval:def:34282 ImageMagick allows to process files with external libraries. This feature is called 'delegate'. It is implemented as a system() with command string ('command') from the config file delegates.xml with actual value for different params (input/output filenames etc). Due to insufficient %M param filteri ... oval:org.secpod.oval:def:34283 ImageMagick allows to make HTTP GET or FTP request. oval:org.secpod.oval:def:34286 ImageMagick allows to get content of the files from the server by using 'label' pseudo protocol. oval:org.secpod.oval:def:34284 ImageMagick allows to delete files by using 'ephemeral' pseudo protocol which deletes files after reading. oval:org.secpod.oval:def:34285 ImageMagick allows to move image files to file with any extension in any folder by using 'msl' pseudo protocol. oval:org.secpod.oval:def:703358 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:37410 The host is installed with RHEL 6 or 7 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails to properly handle a maliciously crafted SGI file. Successful exploitation could allow attackers to disclose sensitive information. oval:org.secpod.oval:def:37409 The host is installed with RHEL 6 or 7 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle a maliciously crafted image. Successful exploitation could allow attackers to lead to a heap-based buffer overflow. oval:org.secpod.oval:def:108694 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:703523 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:34321 ImageMagick allows to get content of the files from the server by using 'label' pseudo protocol. oval:org.secpod.oval:def:34320 ImageMagick allows to move image files to file with any extension in any folder by using 'msl' pseudo protocol. oval:org.secpod.oval:def:34318 ImageMagick allows to make HTTP GET or FTP request. oval:org.secpod.oval:def:34319 ImageMagick allows to delete files by using 'ephemeral' pseudo protocol which deletes files after reading. oval:org.secpod.oval:def:34316 ImageMagick allows to process files with external libraries. This feature is called 'delegate'. It is implemented as a system() with command string ('command') from the config file delegates.xml with actual value for different params (input/output filenames etc). Due to insufficient %M param filteri ... oval:org.secpod.oval:def:1600352 It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would ... oval:org.secpod.oval:def:113187 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:703506 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:1800674 CVE-2016-7799: Mogrify buffer over-read in profile.c CVE-2016-7906: Mogrify heap-use-after-free in attribute.c. oval:org.secpod.oval:def:703716 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:602900 This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed RLE, ART, JNG, DDS, BMP, ICO, EPT, SUN, MTV, PICT, XWD, PC ... oval:org.secpod.oval:def:113219 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:51852 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:53098 This updates fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed RLE, SVG, PSD, PDB, DPX, MAT, TGA, VST, CIN, DIB, MPC, EP ... oval:org.secpod.oval:def:51803 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:603012 This updates fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed RLE, SVG, PSD, PDB, DPX, MAT, TGA, VST, CIN, DIB, MPC, EP ... oval:org.secpod.oval:def:703627 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:703734 imagemagick: Image manipulation programs and library Details: USN-3363-1 fixed vulnerabilities in ImageMagick. The update caused a regression for certain users when processing images. The problematic patch has been reverted pending further investigation. We apologize for the inconvenience. Original ... oval:org.secpod.oval:def:2001523 In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:53219 This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed image files are processed. oval:org.secpod.oval:def:2000427 ImageMagick 7.0.6-6 has a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file. oval:org.secpod.oval:def:2000682 ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c. oval:org.secpod.oval:def:2000555 In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c. oval:org.secpod.oval:def:2001500 ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c. oval:org.secpod.oval:def:2000641 In ImageMagick 7.0.6-5, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:2000661 ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c. oval:org.secpod.oval:def:2000507 In ImageMagick 7.0.6-1, a memory leak vulnerability was found in the function ReadPESImage in coders/pes.c, which allows attackers to cause a denial of service, related to ResizeMagickMemory in memory.c. oval:org.secpod.oval:def:2000866 In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function GetImagePixelCache in MagickCore/cache.c, which allows attackers to cause a denial of service via a crafted CALS image file. oval:org.secpod.oval:def:2000177 ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file. oval:org.secpod.oval:def:2000295 In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c. oval:org.secpod.oval:def:113311 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:113308 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:113429 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:2001145 ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c. oval:org.secpod.oval:def:2001494 In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:2000268 In ImageMagick 7.0.6-8, a memory leak vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:2001013 In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:2000046 In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WritePCXImage in coders/pcx.c, which allows attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:2001117 ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c. oval:org.secpod.oval:def:2001240 In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c. oval:org.secpod.oval:def:2001346 In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPICTImage in coders/pict.c, which allows attackers to cause a denial of service via a crafted PICT image file. oval:org.secpod.oval:def:2001588 In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function WriteOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted PNG image file. oval:org.secpod.oval:def:113518 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:2001476 In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:2001577 ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c. oval:org.secpod.oval:def:2000262 ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c. oval:org.secpod.oval:def:2001342 In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allows attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:2001344 In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:2001586 ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c. oval:org.secpod.oval:def:2000471 ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in coders\dcm.c. oval:org.secpod.oval:def:603402 This update fixes several vulnerabilities in imagemagick, a graphical software suite. Various memory handling problems or issues about incomplete input sanitizing would result in denial of service or memory disclosure. oval:org.secpod.oval:def:2000105 ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c. oval:org.secpod.oval:def:113647 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:2001320 In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service via a crafted MAT image file. oval:org.secpod.oval:def:2001443 ImageMagick 7.0.7-17 Q16 x86_64 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls. oval:org.secpod.oval:def:603224 This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed image files are processed. oval:org.secpod.oval:def:2001073 In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which allows attackers to cause a denial of service via a crafted MNG image file that is processed by ReadOneMNGImage. oval:org.secpod.oval:def:2001062 In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c. oval:org.secpod.oval:def:2001161 In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted xpm image file. oval:org.secpod.oval:def:2001282 In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function formatIPTC in coders/meta.c, which allows attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:2001162 In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadPSDChannelZip in coders/psd.c, which allows attackers to cause a denial of service via a crafted psd image file. oval:org.secpod.oval:def:2000606 In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:2000965 In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was found in the function ReadXPMImage in coders/xpm.c, which allows attackers to cause a denial of service via a crafted XPM image file. oval:org.secpod.oval:def:53172 This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed image files are processed. oval:org.secpod.oval:def:2000856 ImageMagick 7.0.6-6 has a memory leak in ReadMATImage in coders/mat.c. oval:org.secpod.oval:def:53182 This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed GIF, TTF, SVG, TIFF, PCX, JPG or SFW files are processed. oval:org.secpod.oval:def:603156 This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed image files are processed. oval:org.secpod.oval:def:603170 This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed GIF, TTF, SVG, TIFF, PCX, JPG or SFW files are processed. oval:org.secpod.oval:def:2000936 In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service. oval:org.secpod.oval:def:603178 This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed image files are processed. oval:org.secpod.oval:def:89049767 This update for ImageMagick fixes the following issues: The following security vulnerabilities were fixed: - CVE-2018-11625: Fixed heap-based buffer over-read in SetGrayscaleImage in the quantize.c file, which allowed remote attackers to cause buffer over-read via a crafted file. - CVE-2018-11624: ... oval:org.secpod.oval:def:1900241 In ImageMagick before 6.9.7-10, there is a crash if the image dimensions are too large,as demonstrated by use of the mpc coder. oval:org.secpod.oval:def:2000496 ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c. oval:org.secpod.oval:def:89049719 This update for ImageMagick fixes the following issues: Security issues fixed: * CVE-2018-14434: A memory leak for a colormap in WriteMPCImage incoders/mpc.c was fixed. * CVE-2018-14435: A memory leak in DecodeImage in coders/pcd.c was fixed. * CVE-2018-14436: A memory leak in ReadMIFFImage in cod ... oval:org.secpod.oval:def:1900105 ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c. oval:org.secpod.oval:def:53438 This update fixes several vulnerabilities in Imagemagick, a graphical software suite. Various memory handling problems or incomplete input sanitising have been found in the coders for BMP, DIB, PICT, DCM, CUT and PSD. oval:org.secpod.oval:def:1900696 In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c. oval:org.secpod.oval:def:1900146 ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c. oval:org.secpod.oval:def:1900154 ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c. oval:org.secpod.oval:def:2000627 ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c. oval:org.secpod.oval:def:2001384 ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c. oval:org.secpod.oval:def:2001493 In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c. oval:org.secpod.oval:def:2001455 ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c. oval:org.secpod.oval:def:2000237 In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c. oval:org.secpod.oval:def:603544 This update fixes several vulnerabilities in Imagemagick, a graphical software suite. Various memory handling problems or incomplete input sanitising have been found in the coders for BMP, DIB, PICT, DCM, CUT and PSD. oval:org.secpod.oval:def:1900042 In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file. oval:org.secpod.oval:def:1900165 In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImagefunction of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. oval:org.secpod.oval:def:1900161 ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function. oval:org.secpod.oval:def:1900058 ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function. oval:org.secpod.oval:def:1901078 In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c. oval:org.secpod.oval:def:89049751 This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2018-18024: Fixed an infinite loop in the ReadBMPImage function. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. - CVE-2018-18016: Fixed a memory leak in Writ ... oval:org.secpod.oval:def:89049125 This update for ImageMagick fixes the following issues: * CVE-2023-34474: Fixed heap-based buffer overflow in ReadTIM2ImageData function in coders/tim2.c . oval:org.secpod.oval:def:3301663 Security update for ImageMagick oval:org.secpod.oval:def:19500379 ImageMagick before 6.9.12-91 allows attackers to cause a denial of service in Magick::Draw oval:org.secpod.oval:def:88535 imagemagick: Image manipulation programs and library ImageMagick could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:3300288 SUSE Security Update: Security update for ImageMagick oval:org.secpod.oval:def:89049286 This update for ImageMagick fixes the following issues: * CVE-2023-3745: Fixed heap out of bounds read in PushCharPixel in quantum- private.h . oval:org.secpod.oval:def:89047390 This update for ImageMagick fixes the following issues: - CVE-2022-0284: Fixed heap buffer overread in GetPixelAlpha in MagickCore/pixel-accessor.h . oval:org.secpod.oval:def:124216 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:3301084 SUSE Security Update: Security update for ImageMagick oval:org.secpod.oval:def:1701204 An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum function in MagickCore/quantum-export.c. Function calls to GetPixelIndex could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to a ... oval:org.secpod.oval:def:19500129 ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image , the convert process could be left waiting for stdin input. ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image , the resulting image could have embedded the content of an arbitr ... oval:org.secpod.oval:def:85705 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:3300831 SUSE Security Update: Security update for ImageMagick oval:org.secpod.oval:def:89047754 This update for ImageMagick fixes the following issues: - CVE-2022-2719: Fixed a reachable assertion that could lead to denial of service via a crafted file . - CVE-2022-28463: Fixed a buffer overflow that could be triggered by a crafted input file . oval:org.secpod.oval:def:707822 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:73707 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:89047503 This update for ImageMagick fixes the following issues: - CVE-2021-20224: Fixed an integer overflow that could be triggered via a crafted file . - CVE-2022-2719: Fixed a reachable assertion that could lead to denial of service via a crafted file . oval:org.secpod.oval:def:89049424 This update for ImageMagick fixes the following issues: * CVE-2020-21679: Fixed a buffer overflow in WritePCXImage function in pcx.c which may allow a remote attackers to cause a denial of service oval:org.secpod.oval:def:89348 Bryan Gonzalez discovered that the PNG support in Imagemagick could be tricked into embedding the content of an arbitrary file when converting an image file. oval:org.secpod.oval:def:89047494 This update for ImageMagick fixes the following issues: - CVE-2021-3574: Fixed memory leaks with convert command . oval:org.secpod.oval:def:89047203 This update for ImageMagick fixes the following issues: - CVE-2021-20309: Division by zero in WaveImage of MagickCore/visual-effects. - CVE-2021-20311: Division by zero in sRGBTransformImage in MagickCore/colorspace.c - CVE-2021-20312: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c ... oval:org.secpod.oval:def:89047435 This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2022-28463: Fixed buffer overflow in coders/cin.c . Bugfixes: - Use png_get_eXIf_1 when available . oval:org.secpod.oval:def:89047796 This update for ImageMagick fixes the following issues: - CVE-2022-32545: Fixed an outside the range of representable values of type. - CVE-2022-32546: Fixed an outside the range of representable values of type. - CVE-2022-32547: Fixed a load of misaligned address at MagickCore/property.c oval:org.secpod.oval:def:89450 imagemagick: Image manipulation programs and library Details: USN-5855-1 fixed a vulnerability in ImageMagick. This update provides the corresponding update for Linux Mint 20.x LTS, Linux Mint 21.x LTS, and Ubuntu 22.10. Original advisory Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:89047335 This update for ImageMagick fixes the following issues: - CVE-2021-20176: Fixed division by zero caused by processing crafted file . oval:org.secpod.oval:def:97534 [CLSA-2021:1617641265] Fixed CVE-2020-29599 in ImageMagick oval:org.secpod.oval:def:1702046 Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors involving the offset variable. In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png. ... oval:org.secpod.oval:def:34293 The host is installed with Apple iTunes before 12.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash the service. oval:org.secpod.oval:def:34294 The host is installed with Apple iTunes before 12.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash the service. oval:org.secpod.oval:def:34291 The host is installed with Apple iTunes before 12.4.2 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle crafted XML document. Successful exploitation allows attackers to disclose user information. oval:org.secpod.oval:def:34290 The host is installed with Apple iTunes before 12.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash the service. oval:org.secpod.oval:def:34295 The host is installed with Apple iTunes before 12.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash the service. oval:org.secpod.oval:def:34296 The host is installed with Apple Mac OS X or Server 10.11.x before 10.11.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow attackers to cause a system denial of service. oval:org.secpod.oval:def:34288 The host is installed with Apple iTunes before 12.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash the service. oval:org.secpod.oval:def:34289 The host is installed with Apple iTunes before 12.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash the service. oval:org.secpod.oval:def:89049025 This update for ImageMagick fixes the following issues: * CVE-2023-34151: Fixed an undefined behavior issue due to floating point truncation . * CVE-2023-34153: Fixed a command injection issue when encoding or decoding VIDEO files . oval:org.secpod.oval:def:89051236 This update for ImageMagick fixes the following issues: Security issues: * CVE-2023-5341: Fixed a heap use-after-free in coders/bmp.c. * CVE-2020-21679: Fixed a buffer overflow in WritePCXImage function in pcx.c which may allow a remote attackers to cause a denial of service. * CVE-2023-3745: Fixe ... oval:org.secpod.oval:def:95073 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:612992 This update fixes multiple vulnerabilities in Imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed image files are processed. oval:org.secpod.oval:def:19500087 A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of s ... oval:org.secpod.oval:def:1701278 A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of s ... oval:org.secpod.oval:def:125788 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:125422 ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work i ... oval:org.secpod.oval:def:19500042 Possible heap-based buffer overflow attack in ImportMultiSpectralQuantum in MagickCore/quantum-import.c for ImageMagick oval:org.secpod.oval:def:19500366 A vulnerability was found in ImageMagick. This issue occurs as an undefined behavior, casting double to size_t in svg, mvg and other coders oval:org.secpod.oval:def:19500468 A vulnerability was found in ImageMagick where heap use-after-free was found in coders/bmp.c oval:org.secpod.oval:def:89050948 This update for ImageMagick fixes the following issues: * CVE-2023-5341: Fixed a heap use-after-free in coders/bmp.c oval:org.secpod.oval:def:1601706 A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of s ... oval:org.secpod.oval:def:89050944 This update for ImageMagick fixes the following issues: * CVE-2023-5341: Fixed a heap use-after-free in coders/bmp.c oval:org.secpod.oval:def:89048741 This update for ImageMagick fixes the following issues: * CVE-2023-1906: Fixed a heap-based buffer overflow in ImportMultiSpectralQuantum oval:org.secpod.oval:def:19500303 The upstream bug report describes this issue as follows:"A vulnerability was found in ImageMagick less than =7.1.1, where heap-based buffer overflow was found in coders/tiff.c." oval:org.secpod.oval:def:89048926 This update for ImageMagick fixes the following issues: * CVE-2023-34151: Fixed an undefined behavior issue due to floating point truncation . * CVE-2023-34153: Fixed a command injection issue when encoding or decoding VIDEO files . oval:org.secpod.oval:def:89048924 This update for ImageMagick fixes the following issues: * CVE-2023-34151: Fixed an undefined behavior issue due to floating point truncation . oval:org.secpod.oval:def:1701855 A vulnerability was found in ImageMagick where heap use-after-free was found in coders/bmp.c oval:org.secpod.oval:def:1701830 A vulnerability was found in ImageMagick. This issue occurs as an undefined behavior, casting double to size_t in svg, mvg and other coders oval:org.secpod.oval:def:91654 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:91653 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:89048599 This update for ImageMagick fixes the following issues: * CVE-2023-1289: Fixed segmentation fault and possible DoS via specially crafted SVG oval:org.secpod.oval:def:89048583 This update for ImageMagick fixes the following issues: * CVE-2023-1289: Fixed segmentation fault and possible DoS via specially crafted SVG oval:org.secpod.oval:def:708464 imagemagick: Image manipulation programs and library ImageMagick could be made to crash when processing the -help option. oval:org.secpod.oval:def:95026 imagemagick: Image manipulation programs and library ImageMagick could be made to crash when processing the -help option. oval:org.secpod.oval:def:1701635 A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of service via the "identify -help" command oval:org.secpod.oval:def:2001305 ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c. oval:org.secpod.oval:def:1900108 In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x360x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails.Remote attack ... oval:org.secpod.oval:def:2000445 There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31. oval:org.secpod.oval:def:2000460 ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c. oval:org.secpod.oval:def:1901561 In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c. oval:org.secpod.oval:def:205492 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. The following packages have been upgraded to a later upstream version: ImageMagick . Security Fix: * ImageMagick: multiple security vulnerabilities For more details about t ... oval:org.secpod.oval:def:51023 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:52119 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:2000338 An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:2001506 In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. oval:org.secpod.oval:def:2000647 In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c. oval:org.secpod.oval:def:2005090 ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c. oval:org.secpod.oval:def:2005092 ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c. oval:org.secpod.oval:def:2005091 ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image. oval:org.secpod.oval:def:2005093 ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c. oval:org.secpod.oval:def:2000501 In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c. oval:org.secpod.oval:def:2005089 ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage. oval:org.secpod.oval:def:2000873 ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c. oval:org.secpod.oval:def:2000184 In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote atta ... oval:org.secpod.oval:def:705282 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:2001381 An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:89046729 This update for ImageMagick fixes the following issues: - CVE-2019-17540: Fixed heap-based buffer overflow in ReadPSInfo in coders/ps.c. - CVE-2022-32545: Fixed an outside the range of representable values of type. - CVE-2022-32546: Fixed an outside the range of representable values of type. - CV ... oval:org.secpod.oval:def:1504542 autotrace [0.31.1-38] - Resolves: #1765205 rebuild against new IM emacs [1:24.3-23] - Resolves: #1765208 rebuild against new IM ImageMagick [6.9.10.68-3] - Fixing freeze when svg file contains class="" [6.9.10.68-2] - Fixed ghostscript fonts, fixed multilib conflicts [6.9.10.68-1] - Rebase to 6.9.10 ... oval:org.secpod.oval:def:2000376 ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c. oval:org.secpod.oval:def:1901753 In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c. oval:org.secpod.oval:def:603854 This update fixes two vulnerabilities in Imagemagick: Memory handling problems and missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed TIFF or Postscript files are processed. oval:org.secpod.oval:def:704155 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:1901766 In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file. oval:org.secpod.oval:def:2000365 ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c. oval:org.secpod.oval:def:704122 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:704338 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:47878 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:89002414 This update for ImageMagick fixes the following issues: These security issues were fixed: - CVE-2017-13758: Prevent heap-based buffer overflow in the TracePoint function . - CVE-2017-10928: Prevent heap-based buffer over-read in the GetNextToken function that allowed remote attackers to obtain sensi ... oval:org.secpod.oval:def:57449 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:89002518 This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2018-18024: Fixed an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. - CVE-2018-18016: Fi ... oval:org.secpod.oval:def:603452 This update fixes several vulnerabilities in Imagemagick, a graphical software suite. Various memory handling problems or incomplete input sanitising could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:70306 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:2001160 In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found. oval:org.secpod.oval:def:2001289 In ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file. oval:org.secpod.oval:def:2000829 ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c. oval:org.secpod.oval:def:1900170 There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.cin GraphicsMagick before 1.3.31. oval:org.secpod.oval:def:89002371 This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2018-18544: Fixed memory leak in the function WriteMSLImage . Non-security issues fixed: - Improve import documentation . - Allow override system security policy . - asan_build: build ASAN included - debug_build: bu ... oval:org.secpod.oval:def:51056 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:1901193 In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. oval:org.secpod.oval:def:503627 ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. The following packages have been upgraded to a later upstream version: ImageMagick . Security Fix: * ImageMagick: multiple security vulnerabilities For more details about t ... oval:org.secpod.oval:def:1902041 An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program. oval:org.secpod.oval:def:51073 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:54583 This update fixes two vulnerabilities in Imagemagick: Memory handling problems and missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed TIFF or Postscript files are processed. oval:org.secpod.oval:def:53369 This update fixes several vulnerabilities in Imagemagick, a graphical software suite. Various memory handling problems or incomplete input sanitising could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:89002473 This update for ImageMagick fixes the following issues: The following security vulnerabilities were fixed: - CVE-2018-16329: Prevent NULL pointer dereference in the GetMagickProperty function leading to DoS - CVE-2018-16323: ReadXBMImage left data uninitialized when processing an XBM file that has ... oval:org.secpod.oval:def:1902027 In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service. oval:org.secpod.oval:def:89002239 This update for ImageMagick fixes the following issues: - CVE-2017-14325: In ImageMagick, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allowed attackers to cause a denial of service via a crafted file. [bsc#1058635] - CVE-2017-17887: In ImageMagic ... oval:org.secpod.oval:def:89047346 This update for ImageMagick fixes the following issues: - CVE-2019-17540: Fixed heap-based buffer overflow in ReadPSInfo in coders/ps.c. - CVE-2022-32545: Fixed an outside the range of representable values of type. - CVE-2022-32546: Fixed an outside the range of representable values of type. - CV ... oval:org.secpod.oval:def:1900084 In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. oval:org.secpod.oval:def:1902030 In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service. oval:org.secpod.oval:def:34287 The host is installed with Apple iTunes before 12.4.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to crash the service. |