Debian Imagemagick vulnerabilities

CVE-2015-8903 [MEDIUM] CVE-2015-8903: imagemagick - The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 ... The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-6) bullseye: resolved (fixed in 8:6.8.9.9-6) forky: resolved (fixed in 8:6.8.9.9-6) sid: resolved (fixed in 8:6.8.9.9-6) trixie: res

CVE-2015-8902 [MEDIUM] CVE-2015-8902: imagemagick - The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta... The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-6) bullseye: resolved (fixed in 8:6.8.9.9-6) forky: resolved (fixed in 8:6.8.9.9-6) sid: resolved (fixed in 8:6.8.9.9-6) trixie: resolved

CVE-2014-9843 [CRITICAL] CVE-2014-9843: imagemagick - The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remot... The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9847 [CRITICAL] CVE-2014-9847: imagemagick - The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspec... The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9841 [CRITICAL] CVE-2014-9841: imagemagick - The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote ... The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to "throwing of exceptions." Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolv

CVE-2014-9846 [CRITICAL] CVE-2014-9846: imagemagick - Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.... Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9852 [CRITICAL] CVE-2014-9852: imagemagick - distribute-cache.c in ImageMagick re-uses objects after they have been destroyed... distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed i

CVE-2014-9826 [CRITICAL] CVE-2014-9826: imagemagick - ImageMagick allows remote attackers to have unspecified impact via vectors relat... ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9824 [HIGH] CVE-2014-9824: imagemagick - Heap-based buffer overflow in ImageMagick allows remote attackers to have unspec... Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6

CVE-2014-9839 [HIGH] CVE-2014-9839: imagemagick - magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to caus... magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access). Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9833 [HIGH] CVE-2014-9833: imagemagick - Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file. Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9823 [HIGH] CVE-2014-9823: imagemagick - Heap-based buffer overflow in ImageMagick allows remote attackers to have unspec... Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:

CVE-2014-1958 [HIGH] CVE-2014-1958: imagemagick - Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick b... Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-2030. Scope: local bookworm: resolved (fixed in 8:6.7.7.10+dfsg-1) bullseye: resolved (fixed in 8:6.7.7.10+dfsg-1) forky: r

CVE-2014-9850 [HIGH] CVE-2014-9850: imagemagick - Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of ... Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption). Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9832 [HIGH] CVE-2014-9832: imagemagick - Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file. Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9849 [HIGH] CVE-2014-9849: imagemagick - The png coder in ImageMagick allows remote attackers to cause a denial of servic... The png coder in ImageMagick allows remote attackers to cause a denial of service (crash). Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9819 [HIGH] CVE-2014-9819: imagemagick - Heap-based buffer overflow in ImageMagick allows remote attackers to have unspec... Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:

CVE-2014-9830 [HIGH] CVE-2014-9830: imagemagick - coders/sun.c in ImageMagick allows remote attackers to have unspecified impact v... coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9825 [HIGH] CVE-2014-9825: imagemagick - Heap-based buffer overflow in ImageMagick allows remote attackers to have unspec... Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6

CVE-2014-9835 [HIGH] CVE-2014-9835: imagemagick - Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file. Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)