Debian Imagemagick vulnerabilities

CVE-2014-9822 [HIGH] CVE-2014-9822: imagemagick - Heap-based buffer overflow in ImageMagick allows remote attackers to have unspec... Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9820 [HIGH] CVE-2014-9820: imagemagick - Heap-based buffer overflow in ImageMagick allows remote attackers to have unspec... Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9804 [HIGH] CVE-2014-9804: imagemagick - vision.c in ImageMagick allows remote attackers to cause a denial of service (in... vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to "too many object." Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9851 [HIGH] CVE-2014-9851: imagemagick - ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (applic... ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (application crash). Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9834 [HIGH] CVE-2014-9834: imagemagick - Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file. Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9848 [HIGH] CVE-2014-9848: imagemagick - Memory leak in ImageMagick allows remote attackers to cause a denial of service ... Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption). Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9828 [HIGH] CVE-2014-9828: imagemagick - coders/psd.c in ImageMagick allows remote attackers to have unspecified impact v... coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9827 [HIGH] CVE-2014-9827: imagemagick - coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact v... coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-2030 [HIGH] CVE-2014-2030: imagemagick - Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in Ima... Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947. Scope: local bookworm: resolved (fixed in 8:6.7.7.10+dfsg-1)

CVE-2014-9854 [HIGH] CVE-2014-9854: imagemagick - coders/tiff.c in ImageMagick allows remote attackers to cause a denial of servic... coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image." Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-

CVE-2014-9831 [HIGH] CVE-2014-9831: imagemagick - coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact v... coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9817 [HIGH] CVE-2014-9817: imagemagick - Heap-based buffer overflow in ImageMagick allows remote attackers to have unspec... Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9821 [HIGH] CVE-2014-9821: imagemagick - Heap-based buffer overflow in ImageMagick allows remote attackers to have unspec... Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9842 [HIGH] CVE-2014-9842: imagemagick - Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9... Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resol

CVE-2014-8355 [MEDIUM] CVE-2014-8355: graphicsmagick - PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a... PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read). Scope: local bookworm: resolved (fixed in 1.3.20-3+deb8u1) bullseye: resolved (fixed in 1.3.20-3+deb8u1) forky: resolved (fixed in 1.3.20-3+deb8u1) sid: resolved (fixed in 1.3.20-3+deb8u1) trixie: resolved (fixed in 1.3.20-3+deb8u1)

CVE-2014-8354 [MEDIUM] CVE-2014-8354: imagemagick - The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows r... The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-1) bullseye: resolved (fixed in 8:6.8.9.9-1) forky: resolved (fixed in 8:6.8.9.9-1) sid: resolved (fixed in 8:6.8.9.9-1) trixie: resolved (f

CVE-2014-9845 [MEDIUM] CVE-2014-9845: imagemagick - The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers... The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9809 [MEDIUM] CVE-2014-9809: imagemagick - ImageMagick allows remote attackers to cause a denial of service (segmentation f... ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9853 [MEDIUM] CVE-2014-9853: imagemagick - Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a de... Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)

CVE-2014-9816 [MEDIUM] CVE-2014-9816: imagemagick - ImageMagick allows remote attackers to cause a denial of service (out-of-bounds ... ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file. Scope: local bookworm: resolved (fixed in 8:6.8.9.9-4) bullseye: resolved (fixed in 8:6.8.9.9-4) forky: resolved (fixed in 8:6.8.9.9-4) sid: resolved (fixed in 8:6.8.9.9-4) trixie: resolved (fixed in 8:6.8.9.9-4)