Debian Imagemagick vulnerabilities
727 known vulnerabilities affecting debian/imagemagick.
Total CVEs: 727
CISA KEV: 3 (actively exploited)
Public exploits: 12
Exploited in wild: 3
Severity breakdown: CRITICAL 24, HIGH 138, MEDIUM 255, LOW 310
Vulnerabilities
Page 16 of 37
CVE-2017-16546 [HIGH] CVSS 8.8 - fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm) - 2017
The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or possibly have unspecified other impact via a malformed WPG file.
Scope: local
bookworm: resolved (fixed in 8:6.9.9.3
debian
CVE-2017-5510 [HIGH] CVSS 7.8 - fixed in imagemagick 8:6.9.7.4+dfsg-1 (bookworm) - 2017
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
Scope: local
bookworm: resolved (fixed in 8:6.9.7.4+dfsg-1)
bullseye: resolved (fixed in 8:6.9.7.4+dfsg-1)
forky: resolved (fixed in 8:6.9.7.4+dfsg-1)
sid: resolved (fixed in 8:6.9.7.4+dfsg-1)
trixie: resolved (fixed in 8:6.
debian
CVE-2017-6497 [HIGH] CVSS 7.5 - fixed in imagemagick 8:6.9.7.4+dfsg-2 (bookworm) - 2017
An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS).
Scope: local
bookworm: resolved (fixed in 8:6.9.7.4+dfsg-2)
bullseye: resolved (fixed in 8:6.9.7.4+dfsg-2)
forky: resolved (fixed in 8:6.9.7.4+dfsg-2)
sid: resolved (fixed in 8:6.9.7.4+dfsg-2)
trixie: resolved (fixed in 8:6.9.7.4+dfsg-
debian
CVE-2017-10928 [HIGH] CVSS 8.8 - fixed in imagemagick 8:6.9.7.4+dfsg-12 (bookworm) - 2017
In ImageMagick 7.0.6-0, a heap-based buffer over-read in the GetNextToken function in token.c allows remote attackers to obtain sensitive information from process memory or possibly have unspecified other impact via a crafted SVG document that is mishandled in the GetUserSpaceCoordinateValue function in coders/svg.c.
Scope: local
bookworm: resolved (fixed in 8:6
debian
CVE-2017-5506 [HIGH] CVSS 7.8 - fixed in imagemagick 8:6.9.7.4+dfsg-1 (bookworm) - 2017
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
Scope: local
bookworm: resolved (fixed in 8:6.9.7.4+dfsg-1)
bullseye: resolved (fixed in 8:6.9.7.4+dfsg-1)
forky: resolved (fixed in 8:6.9.7.4+dfsg-1)
sid: resolved (fixed in 8:6.9.7.4+dfsg-1)
trixie: resolved (fixed in 8:6.9.7.4+dfsg
debian
CVE-2017-7619 [HIGH] CVSS 7.5 - fixed in imagemagick 8:6.9.7.4+dfsg-4 (bookworm) - 2017
In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv.
Scope: local
bookworm: resolved (fixed in 8:6.9.7.4+dfsg-4)
bullseye: resolved (fixed in 8:6.9.7.4+d
debian
CVE-2017-11450 [HIGH] CVSS 8.8 - fixed in imagemagick 8:6.9.7.4+dfsg-12 (bookworm) - 2017
coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via JPEG data that is too short.
Scope: local
bookworm: resolved (fixed in 8:6.9.7.4+dfsg-12)
bullseye: resolved (fixed in 8:6.9.7.4+dfsg-12)
forky: resolved (fixed in 8:6.9.7.4+dfsg-12)
sid: resolved (fix
debian
CVE-2017-11478 [MEDIUM] CVSS 6.5 - fixed in imagemagick 8:6.9.7.4+dfsg-12 (bookworm) - 2017
The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.
Scope: local
bookworm: resolved (fixed in 8:6.9.7.4+dfsg-12)
bullseye: resolved (fixed in 8:6.9.7.4+dfsg-12)
forky: resolved (fixed in 8:6.9.7.
debian
CVE-2017-1000476 [MEDIUM] CVSS 6.5 - fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm) - 2017
ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.
Scope: local
bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3)
bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3)
forky: resolved (fixed in 8:6.9.9.34+dfsg-3)
sid: resolved (fixed in 8:6.9.9.34+dfsg
debian
CVE-2017-13061 [MEDIUM] CVSS 6.5 - fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm) - 2017
In ImageMagick 7.0.6-5, a length-validation vulnerability was found in the function ReadPSDLayersInternal in coders/psd.c, which allows attackers to cause a denial of service (ReadPSDImage memory exhaustion) via a crafted file.
Scope: local
bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3)
bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3)
forky: resolved (fixed in
debian
CVE-2017-6501 [MEDIUM] CVSS 5.5 - fixed in imagemagick 8:6.9.7.4+dfsg-2 (bookworm) - 2017
An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference.
Scope: local
bookworm: resolved (fixed in 8:6.9.7.4+dfsg-2)
bullseye: resolved (fixed in 8:6.9.7.4+dfsg-2)
forky: resolved (fixed in 8:6.9.7.4+dfsg-2)
sid: resolved (fixed in 8:6.9.7.4+dfsg-2)
trixie: resolved (fixed in 8:6.9.7.4+dfsg-2)
debian
CVE-2017-6499 [MEDIUM] CVSS 5.5 - fixed in imagemagick 8:6.9.7.4+dfsg-2 (bookworm) - 2017
An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially crafted file creating a nested exception could lead to a memory leak (thus, a DoS).
Scope: local
bookworm: resolved (fixed in 8:6.9.7.4+dfsg-2)
bullseye: resolved (fixed in 8:6.9.7.4+dfsg-2)
forky: resolved (fixed in 8:6.9.7.4+dfsg-2)
sid: resolved (fixed in 8:6.9.7.4+dfsg-2)
trixie: resolved
debian
CVE-2017-9143 [MEDIUM] CVSS 6.5 - fixed in imagemagick 8:6.9.7.4+dfsg-9 (bookworm) - 2017
In ImageMagick 7.0.5-5, the ReadARTImage function in coders/art.c allows attackers to cause a denial of service (memory leak) via a crafted .art file.
Scope: local
bookworm: resolved (fixed in 8:6.9.7.4+dfsg-9)
bullseye: resolved (fixed in 8:6.9.7.4+dfsg-9)
forky: resolved (fixed in 8:6.9.7.4+dfsg-9)
sid: resolved (fixed in 8:6.9.7.4+dfsg-9)
trixie: resolved (fi
debian
CVE-2017-11525 [MEDIUM] CVSS 6.5 - fixed in imagemagick 8:6.9.7.4+dfsg-12 (bookworm) - 2017
The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
Scope: local
bookworm: resolved (fixed in 8:6.9.7.4+dfsg-12)
bullseye: resolved (fixed in 8:6.9.7.4+dfsg-12)
forky: resolved (fixed in 8:6.9.7.4+dfsg-12)
sid: resolved (fixe
debian
CVE-2017-11533 [MEDIUM] CVSS 6.5 - fixed in imagemagick 8:6.9.7.4+dfsg-13 (bookworm) - 2017
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage() function in coders/uil.c.
Scope: local
bookworm: resolved (fixed in 8:6.9.7.4+dfsg-13)
bullseye: resolved (fixed in 8:6.9.7.4+dfsg-13)
forky: resolved (fixed in 8:6.9.7.4+dfsg-13)
sid: resolved (fixed in 8:6.9.7.4+dfsg-13)
trixie: r
debian
CVE-2017-11360 [MEDIUM] CVSS 6.5 - fixed in imagemagick 8:6.9.7.4+dfsg-12 (bookworm) - 2017
The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability via a crafted rle file that triggers a huge number_pixels value.
Scope: local
bookworm: resolved (fixed in 8:6.9.7.4+dfsg-12)
bullseye: resolved (fixed in 8:6.9.7.4+dfsg-12)
forky: resolved (fixed in 8:6.9.7.4+dfsg-12)
sid: resolved (fixed in 8:6.9.7.4+dfsg-12)
trix
debian
CVE-2017-6498 [MEDIUM] CVSS 5.5 - fixed in imagemagick 8:6.9.7.4+dfsg-2 (bookworm) - 2017
An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS.
Scope: local
bookworm: resolved (fixed in 8:6.9.7.4+dfsg-2)
bullseye: resolved (fixed in 8:6.9.7.4+dfsg-2)
forky: resolved (fixed in 8:6.9.7.4+dfsg-2)
sid: resolved (fixed in 8:6.9.7.4+dfsg-2)
trixie: resolved (fixed in 8:6.9.7.4+dfsg-2)
debian
CVE-2017-17504 [MEDIUM] CVSS 6.5 - fixed in imagemagick 8:6.9.9.34+dfsg-3 (bookworm) - 2017
ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.
Scope: local
bookworm: resolved (fixed in 8:6.9.9.34+dfsg-3)
bullseye: resolved (fixed in 8:6.9.9.34+dfsg-3)
forky: resolved (fixed in 8:6.9.9.34+dfsg-3)
sid: resolved (fixed in 8:6.9.9.34+dfsg-3)
trixie: resolv
debian
CVE-2017-9144 [MEDIUM] CVSS 6.5 - fixed in imagemagick 8:6.9.7.4+dfsg-9 (bookworm) - 2017
In ImageMagick 7.0.5-5, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c.
Scope: local
bookworm: resolved (fixed in 8:6.9.7.4+dfsg-9)
bullseye: resolved (fixed in 8:6.9.7.4+dfsg-9)
forky: resolved (fixed in 8:6.9.7.4+dfsg-9)
sid: resolved (fixed in 8:6.9.7.4+dfsg-9)
trixie: resolved (fixed in 8:6.9.7.4+dfsg-9)
debian
CVE-2017-12434 [MEDIUM] CVSS 6.5 - fixed in imagemagick 8:6.9.7.4+dfsg-14 (bookworm) - 2017
In ImageMagick 7.0.6-1, a missing NULL check vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service (assertion failure) in DestroyImageInfo in image.c.
Scope: local
bookworm: resolved (fixed in 8:6.9.7.4+dfsg-14)
bullseye: resolved (fixed in 8:6.9.7.4+dfsg-14)
forky: resolved (fixed in 8:6.9.7.
debian