Debian Imagemagick vulnerabilities

727 known vulnerabilities affecting debian/imagemagick.

Total CVEs: 727
CISA KEV: 3 (actively exploited)
Public exploits: 12
Exploited in wild: 3
Severity breakdown: CRITICAL 24, HIGH 138, MEDIUM 255, LOW 310

Vulnerabilities

CVE-2014-9810 | MEDIUM | CVSS 5.5 | fixed in imagemagick 8:6.8.9.9-4 (bookworm) | 2014
CVE-2014-9810 [MEDIUM] imagemagick: The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file.
Scope: local; bookworm: resolved (fixed in 8:6.8.9.9-4); bullseye: resolved (fixed in 8:6.8.9.9-4); forky: resolved (fixed in 8:6.8.9.9-4); sid: resolved (fixed in 8:6.8.9.9-4); trixie: resolved (fixed in 8:6.8.
debian
CVE-2014-9815 | MEDIUM | CVSS 5.5 | fixed in imagemagick 8:6.8.9.9-4 (bookworm) | 2014
CVE-2014-9815 [MEDIUM] imagemagick: ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file.
Scope: local; bookworm: resolved (fixed in 8:6.8.9.9-4); bullseye: resolved (fixed in 8:6.8.9.9-4); forky: resolved (fixed in 8:6.8.9.9-4); sid: resolved (fixed in 8:6.8.9.9-4); trixie: resolved (fixed in 8:6.8.9.9-4)
debian
CVE-2014-1947 | LOW | CVSS 7.8 | PoC | fixed in graphicsmagick 1.3.20-1 (bookworm) | 2014
CVE-2014-1947 [HIGH] graphicsmagick: Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030.
Scope: local; bookworm: resolved (fixed
debian
CVE-2013-4298 | MEDIUM | CVSS 4.3 | fixed in imagemagick 8:6.7.7.10-6 (bookworm) | 2013
CVE-2013-4298 [MEDIUM] imagemagick: The ReadGIFImage function in coders/gif.c in ImageMagick before 6.7.8-8 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted comment in a GIF image.
Scope: local; bookworm: resolved (fixed in 8:6.7.7.10-6); bullseye: resolved (fixed in 8:6.7.7.10-6); forky: resolved (fixed in 8:6.7.7.10-6); sid: resolved (fixed
debian
CVE-2012-1185 | HIGH | CVSS 8.8 | fixed in imagemagick 8:6.6.9.7-7 (bookworm) | 2012
CVE-2012-1185 [HIGH] imagemagick: Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE
debian
CVE-2012-0247 | HIGH | CVSS 8.8 | fixed in imagemagick 8:6.6.9.7-6 (bookworm) | 2012
CVE-2012-0247 [HIGH] imagemagick: ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image.
Scope: local; bookworm: resolved (fixed in 8:6.6.9.7-6); bullseye: resolved (fixed in 8:6.6.9.7-6); forky: resolved (fixed in 8:6.6.9.7-
debian
CVE-2012-1610 | MEDIUM | CVSS 6.5 | fixed in imagemagick 8:6.7.4.0-4 (bookworm) | 2012
CVE-2012-1610 [MEDIUM] imagemagick: Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 allows remote attackers to cause a denial of service (out-of-bounds read) via a large component count for certain EXIF tags in a JPEG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0259.
Scope: local; bookworm: resolved (fixed in 8
debian
CVE-2012-1186 | MEDIUM | CVSS 5.5 | fixed in imagemagick 8:6.6.9.7-7 (bookworm) | 2012
CVE-2012-1186 [MEDIUM] imagemagick: Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0248.
Scope: local; bookworm: resolved (fixed in 8:6.6.9.7-7); bullseye:
debian
CVE-2012-1798 | MEDIUM | CVSS 6.5 | fixed in imagemagick 8:6.7.4.0-4 (bookworm) | 2012
CVE-2012-1798 [MEDIUM] imagemagick: The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.
Scope: local; bookworm: resolved (fixed in 8:6.7.4.0-4); bullseye: resolved (fixed in 8:6.7.4.0-4); forky: resolved (fixed in 8:6.7.4.0-4); sid: resolved (fixed i
debian
CVE-2012-0259 | MEDIUM | CVSS 6.5 | fixed in imagemagick 8:6.7.4.0-4 (bookworm) | 2012
CVE-2012-0259 [MEDIUM] imagemagick: The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read.
Scope: local; bookworm: resolved (fixed in 8:6.7.4.0-4); bullseye: resolved (fixed in 8:6.7.4.0-4); forky
debian
CVE-2012-0260 | MEDIUM | CVSS 6.5 | fixed in imagemagick 8:6.7.4.0-4 (bookworm) | 2012
CVE-2012-0260 [MEDIUM] imagemagick: The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers.
Scope: local; bookworm: resolved (fixed in 8:6.7.4.0-4); bullseye: resolved (fixed in 8:6.7.4.0-4); forky: resolved (fixed in 8:6.7.4.0-4); sid: resolved
debian
CVE-2012-3437 | LOW | CVSS 4.3 | fixed in imagemagick 8:6.7.7.10-3 (bookworm) | 2012
CVE-2012-3437 [MEDIUM] imagemagick: The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation.
Scope: local; bookworm: resolved (fixed in 8:6.7.7.10-3); bullseye: resolved (fixed i
debian
CVE-2012-0248 | LOW | CVSS 5.5 | fixed in imagemagick 8:6.6.9.7-6 (bookworm) | 2012
CVE-2012-0248 [MEDIUM] imagemagick: ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF.
Scope: local; bookworm: resolved (fixed in 8:6.6.9.7-6); bullseye: resolved (fixed in 8:6.6.9.7-6); forky: resolved (fixed in 8:6.6.9.7-6); sid: resolved (fixed in 8
debian
CVE-2010-4167 | LOW | CVSS 6.9 | fixed in imagemagick 8:6.6.0.4-3 (bookworm) | 2010
CVE-2010-4167 [MEDIUM] imagemagick: Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory.
Scope: local; bookworm: resolved (fixed in 8:6.6.0.4-3); bullseye: resolved (fixed in 8:6.6.0.4-3); forky: resolved (fixed in 8:6
debian
CVE-2009-1882 | MEDIUM | CVSS 9.3 | fixed in graphicsmagick 1.3.5-5.1 (bookworm) | 2009
CVE-2009-1882 [CRITICAL] graphicsmagick: Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow. NOTE: some of these details are obtained from third party information.
Scope: local; bookworm: r
debian
CVE-2009-3736 | LOW | CVSS 6.9 | fixed in clamav 0.95+dfsg-1 (bookworm) | 2009
CVE-2009-3736 [MEDIUM] bochs: ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.
Scope: local; bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2008-1096 | MEDIUM | CVSS 6.8 | fixed in graphicsmagick 1.1.11-3.2 (bookworm) | 2008
CVE-2008-1096 [MEDIUM] graphicsmagick: The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly related to the ScaleCharToQuantum function.
Scope: loc
debian
CVE-2008-3134 | MEDIUM | CVSS 5.0 | fixed in graphicsmagick 1.2.4-1 (bookworm) | 2008
CVE-2008-3134 [MEDIUM] graphicsmagick: Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/im
debian
CVE-2008-1097 | MEDIUM | CVSS 6.8 | fixed in graphicsmagick 1.1.7-13 (bookworm) | 2008
CVE-2008-1097 [MEDIUM] graphicsmagick: Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline ar
debian
CVE-2007-4987 | MEDIUM | CVSS 9.3 | fixed in imagemagick 7:6.2.4.5.dfsg1-2 (bookworm) | 2007
CVE-2007-4987 [CRITICAL] imagemagick: Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address.
Scope: local; bookworm: resolved (fixed in 7:6.2.4.5.dfsg1-2); bullseye: resolved (fixed in 7:6.2.4.5.dfsg1-2); fo
debian