ID CVE-2014-9828
Summary coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file.
References
Vulnerable Configurations
  • ImageMagick
    cpe:2.3:a:imagemagick:imagemagick
CVSS
Base: 6.8
Impact:
Exploitability:
CWE CWE-284
CAPEC
  • Embedding Scripts within Scripts
    An attack of this type exploits a programs' vulnerabilities that are brought on by allowing remote hosts to execute scripts. The attacker leverages this capability to execute scripts to execute his/her own script by embedding it within other scripts that the target software is likely to execute. The attacker must have the ability to inject script into script that is likely to be executed. If this is done, then the attacker can potentially launch a variety of probes and attacks against the web server's local environment, in many cases the so-called DMZ, back end resources the web server can communicate with, and other hosts. With the proliferation of intermediaries, such as Web App Firewalls, network devices, and even printers having JVMs and Web servers, there are many locales where an attacker can inject malicious scripts. Since this attack pattern defines scripts within scripts, there are likely privileges to execute said attack on the host. Of course, these attacks are not solely limited to the server side, client side scripts like Ajax and client side JavaScript can contain malicious scripts as well. In general all that is required is for there to be sufficient privileges to execute a script, but not protected against writing.
  • Signature Spoofing by Key Theft
    An attacker obtains an authoritative or reputable signer's private signature key by theft and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-825.NASL
    description GraphicsMagick was updated to fix 37 security issues. These security issues were fixed : - CVE-2014-9810: SEGV in dpx file handler (bsc#983803). - CVE-2014-9811: Crash in xwd file handler (bsc#984032). - CVE-2014-9813: Crash on corrupted viff file (bsc#984035). - CVE-2014-9814: NULL pointer dereference in wpg file handling (bsc#984193). - CVE-2014-9815: Crash on corrupted wpg file (bsc#984372). - CVE-2014-9816: Out of bound access in viff image (bsc#984398). - CVE-2014-9817: Heap buffer overflow in pdb file handling (bsc#984400). - CVE-2014-9818: Out of bound access on malformed sun file (bsc#984181). - CVE-2014-9819: Heap overflow in palm files (bsc#984142). - CVE-2014-9830: Handling of corrupted sun file (bsc#984135). - CVE-2014-9831: Handling of corrupted wpg file (bsc#984375). - CVE-2014-9837: Additional PNM sanity checks (bsc#984166). - CVE-2014-9834: Heap overflow in pict file (bsc#984436). - CVE-2014-9853: Memory leak in rle file handling (bsc#984408). - CVE-2015-8903: Denial of service (cpu) in vicar (bsc#983259). - CVE-2015-8901: MIFF file DoS (endless loop) (bsc#983234). - CVE-2016-5688: Various invalid memory reads in ImageMagick WPG (bsc#985442). - CVE-2015-8894: Double free in coders/tga.c:221 (bsc#983523). - CVE-2015-8896: Double free / integer truncation issue in coders/pict.c:2000 (bsc#983533). - CVE-2014-9807: Double free in pdb coder. (bsc#983794). - CVE-2014-9828: corrupted (too many colors) psd file (bsc#984028). - CVE-2014-9805: SEGV due to a corrupted pnm file. (bsc#983752). - CVE-2014-9808: SEGV due to corrupted dpc images. (bsc#983796). - CVE-2014-9820: Heap overflow in xpm files (bsc#984150). - CVE-2014-9839: Theoretical out of bound access in magick/colormap-private.h (bsc#984379). - CVE-2014-9809: SEGV due to corrupted xwd images. (bsc#983799). - CVE-2016-5240: SVG converting issue resulting in DoS (endless loop) (bsc#983309). - CVE-2014-9840: Out of bound access in palm file (bsc#984433). - CVE-2014-9847: Incorrect handling of 'previous' image in the JNG decoder (bsc#984144). - CVE-2016-5241: Arithmetic exception (div by 0) in SVG conversion (bsc#983455). - CVE-2014-9845: Crash due to corrupted dib file (bsc#984394). - CVE-2014-9844: Out of bound issue in rle file (bsc#984373). - CVE-2014-9835: Heap overflow in wpf file (bsc#984145). - CVE-2014-9829: Out of bound access in sun file (bsc#984409). - CVE-2014-9846: Added checks to prevent overflow in rle file (bsc#983521). - CVE-2016-2317: Multiple vulnerabilities when parsing and processing SVG files (bsc#965853). - CVE-2016-2318: Multiple vulnerabilities when parsing and processing SVG files (bsc#965853).
    last seen 2019-02-21
    modified 2017-03-27
    plugin id 91945
    published 2016-07-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91945
    title openSUSE Security Update : GraphicsMagick (openSUSE-2016-825)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3131-1.NASL
    description It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 95053
    published 2016-11-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=95053
    title Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : imagemagick vulnerabilities (USN-3131-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-1782-1.NASL
    description ImageMagick was updated to fix 55 security issues. These security issues were fixed : - CVE-2014-9810: SEGV in dpx file handler (bsc#983803). - CVE-2014-9811: Crash in xwd file handler (bsc#984032). - CVE-2014-9812: NULL pointer dereference in ps file handling (bsc#984137). - CVE-2014-9813: Crash on corrupted viff file (bsc#984035). - CVE-2014-9814: NULL pointer dereference in wpg file handling (bsc#984193). - CVE-2014-9815: Crash on corrupted wpg file (bsc#984372). - CVE-2014-9816: Out of bound access in viff image (bsc#984398). - CVE-2014-9817: Heap buffer overflow in pdb file handling (bsc#984400). - CVE-2014-9818: Out of bound access on malformed sun file (bsc#984181). - CVE-2014-9819: Heap overflow in palm files (bsc#984142). - CVE-2014-9830: Handling of corrupted sun file (bsc#984135). - CVE-2014-9831: Handling of corrupted wpg file (bsc#984375). - CVE-2014-9836: Crash in xpm file handling (bsc#984023). - CVE-2014-9851: Crash when parsing resource block (bsc#984160). - CVE-2016-5689: NULL ptr dereference in dcm coder (bsc#985460). - CVE-2014-9853: Memory leak in rle file handling (bsc#984408). - CVE-2015-8902: PDB file DoS (CPU consumption) (bsc#983253). - CVE-2015-8903: Denial of service (cpu) in vicar (bsc#983259). - CVE-2015-8901: MIFF file DoS (endless loop) (bsc#983234). - CVE-2014-9834: Heap overflow in pict file (bsc#984436). - CVE-2014-9806: Prevent file descriptr leak due to corrupted file (bsc#983774). - CVE-2014-9838: Out of memory crash in magick/cache.c (bsc#984370). - CVE-2014-9854: Filling memory during identification of TIFF image (bsc#984184). - CVE-2015-8898: Prevent NULL pointer access in magick/constitute.c (bsc#983746). - CVE-2015-8894: Double free in coders/tga.c:221 (bsc#983523). - CVE-2015-8896: Double free / integer truncation issue in coders/pict.c:2000 (bsc#983533). - CVE-2015-8897: Out of bounds error in SpliceImage (bsc#983739). - CVE-2016-5690: Bad foor loop in DCM coder (bsc#985451). - CVE-2016-5691: Checks for pixel.red/green/blue in dcm coder (bsc#985456). - CVE-2014-9805: SEGV due to a corrupted pnm file. (bsc#983752). - CVE-2014-9808: SEGV due to corrupted dpc images. (bsc#983796). - CVE-2014-9820: heap overflow in xpm files (bsc#984150). - CVE-2014-9823: heap overflow in palm file (bsc#984401). - CVE-2014-9822: heap overflow in quantum file (bsc#984187). - CVE-2014-9839: Theoretical out of bound access in magick/colormap-private.h (bsc#984379). - CVE-2014-9824: Heap overflow in psd file (bsc#984185). - CVE-2014-9809: Fix a SEGV due to corrupted xwd images. (bsc#983799). - CVE-2014-9826: Incorrect error handling in sun files (bsc#984186). - CVE-2014-9842: Memory leak in psd handling (bsc#984374). - CVE-2016-5687: Out of bounds read in DDS coder (bsc#985448). - CVE-2014-9840: Out of bound access in palm file (bsc#984433). - CVE-2014-9847: Incorrect handling of 'previous' image in the JNG decoder (bsc#984144). - CVE-2014-9846: Added checks to prevent overflow in rle file. (bsc#983521). - CVE-2014-9845: Crash due to corrupted dib file (bsc#984394). - CVE-2014-9844: Out of bound issue in rle file (bsc#984373). - CVE-2014-9849: Crash in png coder (bsc#984018). - CVE-2016-5688: Various invalid memory reads in ImageMagick WPG (bsc#985442). - CVE-2014-9807: Fix a double free in pdb coder. (bsc#983794). - CVE-2014-9829: Out of bound access in sun file (bsc#984409). - CVE-2016-4564: The DrawImage function in MagickCore/draw.c in ImageMagick made an incorrect function call in attempting to locate the next token, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983308). - CVE-2016-4563: The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick mishandled the relationship between the BezierQuantum value and certain strokes data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983305). - CVE-2016-4562: The DrawDashPolygon function in MagickCore/draw.c in ImageMagick mishandled calculations of certain vertices integer data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983292). - CVE-2014-9837: Additional PNM sanity checks (bsc#984166). - CVE-2014-9835: Heap overflow in wpf file (bsc#984145). - CVE-2014-9828: Corrupted (too many colors) psd file (bsc#984028). - CVE-2016-5841: Integer overflow could have read to RCE (bnc#986609). - CVE-2016-5842: Out-of-bounds read in MagickCore/property.c:1396 could have lead to memory leak (bnc#986608). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 93178
    published 2016-08-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93178
    title SUSE SLES11 Security Update : ImageMagick (SUSE-SU-2016:1782-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-840.NASL
    description ImageMagick was updated to fix 66 security issues. These security issues were fixed : - CVE-2014-9810: SEGV in dpx file handler (bsc#983803). - CVE-2014-9811: Crash in xwd file handler (bsc#984032). - CVE-2014-9812: NULL pointer dereference in ps file handling (bsc#984137). - CVE-2014-9813: Crash on corrupted viff file (bsc#984035). - CVE-2014-9814: NULL pointer dereference in wpg file handling (bsc#984193). - CVE-2014-9815: Crash on corrupted wpg file (bsc#984372). - CVE-2014-9816: Out of bound access in viff image (bsc#984398). - CVE-2014-9817: Heap buffer overflow in pdb file handling (bsc#984400). - CVE-2014-9818: Out of bound access on malformed sun file (bsc#984181). - CVE-2014-9819: Heap overflow in palm files (bsc#984142). - CVE-2014-9830: Handling of corrupted sun file (bsc#984135). - CVE-2014-9831: Handling of corrupted wpg file (bsc#984375). - CVE-2014-9850: Incorrect thread limit logic (bsc#984149). - CVE-2014-9851: Crash when parsing resource block (bsc#984160). - CVE-2014-9852: Incorrect usage of object after it has been destroyed (bsc#984191). - CVE-2014-9853: Memory leak in rle file handling (bsc#984408). - CVE-2015-8902: PDB file DoS (CPU consumption) (bsc#983253). - CVE-2015-8903: Denial of service (cpu) in vicar (bsc#983259). - CVE-2015-8900: HDR file DoS (endless loop) (bsc#983232). - CVE-2015-8901: MIFF file DoS (endless loop) (bsc#983234). - CVE-2016-5688: Various invalid memory reads in ImageMagick WPG (bsc#985442). - CVE-2014-9834: Heap overflow in pict file (bsc#984436). - CVE-2014-9806: Leaked file descriptor due to corrupted file (bsc#983774). - CVE-2016-5687: Out of bounds read in DDS coder (bsc#985448). - CVE-2014-9838: Out of memory crash in magick/cache.c (bsc#984370). - CVE-2014-9854: Filling memory during identification of TIFF image (bsc#984184). - CVE-2015-8898: Prevent NULL pointer access in magick/constitute.c (bsc#983746). - CVE-2014-9833: Heap overflow in psd file (bsc#984406). - CVE-2015-8894: Double free in coders/tga.c:221 (bsc#983523). - CVE-2015-8895: Integer and Buffer overflow in coders/icon.c (bsc#983527). - CVE-2015-8896: Double free / integer truncation issue in coders/pict.c:2000 (bsc#983533). - CVE-2015-8897: Out of bounds error in SpliceImage (bsc#983739). - CVE-2016-5690: Bad foor loop in DCM coder (bsc#985451). - CVE-2016-5691: Checks for pixel.red/green/blue in dcm coder (bsc#985456). - CVE-2014-9836: Crash in xpm file handling (bsc#984023). - CVE-2014-9808: SEGV due to corrupted dpc images (bsc#983796). - CVE-2014-9821: Avoid heap overflow in pnm files (bsc#984014). - CVE-2014-9820: Heap overflow in xpm files (bsc#984150). - CVE-2014-9823: Heap overflow in palm file (bsc#984401). - CVE-2014-9822: Heap overflow in quantum file (bsc#984187). - CVE-2014-9825: Heap overflow in corrupted psd file (bsc#984427). - CVE-2014-9824: Heap overflow in psd file (bsc#984185). - CVE-2014-9809: SEGV due to corrupted xwd images (bsc#983799). - CVE-2014-9826: Incorrect error handling in sun files (bsc#984186). - CVE-2014-9843: Incorrect boundary checks in DecodePSDPixels (bsc#984179). - CVE-2014-9842: Memory leak in psd handling (bsc#984374). - CVE-2014-9841: Throwing of exceptions in psd handling (bsc#984172). - CVE-2014-9840: Out of bound access in palm file (bsc#984433). - CVE-2014-9847: Incorrect handling of 'previous' image in the JNG decoder (bsc#984144). - CVE-2014-9846: Added checks to prevent overflow in rle file (bsc#983521). - CVE-2014-9845: Crash due to corrupted dib file (bsc#984394). - CVE-2014-9844: Out of bound issue in rle file (bsc#984373). - CVE-2014-9849: Crash in png coder (bsc#984018). - CVE-2014-9848: Memory leak in quantum management (bsc#984404). - CVE-2014-9807: Double free in pdb coder (bsc#983794). - CVE-2014-9829: Out of bound access in sun file (bsc#984409). - CVE-2014-9832: Heap overflow in pcx file (bsc#984183). - CVE-2014-9805: SEGV due to a corrupted pnm file (bsc#983752). - CVE-2016-4564: The DrawImage function in MagickCore/draw.c in ImageMagick made an incorrect function call in attempting to locate the next token, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983308). - CVE-2016-4563: The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick mishandled the relationship between the BezierQuantum value and certain strokes data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983305). - CVE-2016-4562: The DrawDashPolygon function in MagickCore/draw.c in ImageMagick mishandled calculations of certain vertices integer data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983292). - CVE-2014-9839: Theoretical out of bound access in magick/colormap-private.h (bsc#984379). - CVE-2016-5689: NULL ptr dereference in dcm coder (bsc#985460). - CVE-2014-9837: Additional PNM sanity checks (bsc#984166). - CVE-2014-9835: Heap overflow in wpf file (bsc#984145). - CVE-2014-9828: Corrupted (too many colors) psd file (bsc#984028). - CVE-2016-5841: Out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE (bnc#986609). - CVE-2016-5842: Out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE (bnc#986608).
    last seen 2019-02-21
    modified 2016-12-05
    plugin id 91967
    published 2016-07-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91967
    title openSUSE Security Update : ImageMagick (openSUSE-2016-840)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-1784-1.NASL
    description ImageMagick was updated to fix 66 security issues. These security issues were fixed : - CVE-2014-9810: SEGV in dpx file handler. (bsc#983803). - CVE-2014-9811: Crash in xwd file handler (bsc#984032). - CVE-2014-9812: NULL pointer dereference in ps file handling (bsc#984137). - CVE-2014-9813: Crash on corrupted viff file (bsc#984035). - CVE-2014-9814: NULL pointer dereference in wpg file handling (bsc#984193). - CVE-2014-9815: Crash on corrupted wpg file (bsc#984372). - CVE-2014-9816: Out of bound access in viff image (bsc#984398). - CVE-2014-9817: Heap buffer overflow in pdb file handling (bsc#984400). - CVE-2014-9818: Out of bound access on malformed sun file (bsc#984181). - CVE-2014-9819: Heap overflow in palm files (bsc#984142). - CVE-2014-9830: Handling of corrupted sun file (bsc#984135). - CVE-2014-9831: Handling of corrupted wpg file (bsc#984375). - CVE-2014-9850: Incorrect thread limit logic (bsc#984149). - CVE-2014-9851: Crash when parsing resource block (bsc#984160). - CVE-2014-9852: Incorrect usage of object after it has been destroyed (bsc#984191). - CVE-2014-9853: Memory leak in rle file handling (bsc#984408). - CVE-2015-8902: PDB file DoS (CPU consumption) (bsc#983253). - CVE-2015-8903: Denial of service (cpu) in vicar (bsc#983259). - CVE-2015-8900: HDR file DoS (endless loop) (bsc#983232). - CVE-2015-8901: MIFF file DoS (endless loop) (bsc#983234). - CVE-2016-5688: Various invalid memory reads in ImageMagick WPG (bsc#985442). - CVE-2014-9834: Heap overflow in pict file (bsc#984436). - CVE-2014-9806: Prevent leak of file descriptor due to corrupted file. (bsc#983774). - CVE-2016-5687: Out of bounds read in DDS coder (bsc#985448). - CVE-2014-9838: Out of memory crash in magick/cache.c (bsc#984370). - CVE-2014-9854: Filling memory during identification of TIFF image (bsc#984184). - CVE-2015-8898: Prevent NULL pointer access in magick/constitute.c (bsc#983746). - CVE-2014-9833: Heap overflow in psd file (bsc#984406). - CVE-2015-8894: Double free in coders/tga.c:221 (bsc#983523). - CVE-2015-8895: Integer and Buffer overflow in coders/icon.c (bsc#983527). - CVE-2015-8896: Double free / integer truncation issue in coders/pict.c:2000 (bsc#983533). - CVE-2015-8897: Out of bounds error in SpliceImage (bsc#983739). - CVE-2016-5690: Bad foor loop in DCM coder (bsc#985451). - CVE-2016-5691: Checks for pixel.red/green/blue in dcm coder (bsc#985456). - CVE-2014-9836: Crash in xpm file handling (bsc#984023). - CVE-2014-9808: SEGV due to corrupted dpc images. (bsc#983796). - CVE-2014-9821: Avoid heap overflow in pnm files. (bsc#984014). - CVE-2014-9820: Heap overflow in xpm files (bsc#984150). - CVE-2014-9823: Heap overflow in palm file (bsc#984401). - CVE-2014-9822: Heap overflow in quantum file (bsc#984187). - CVE-2014-9825: Heap overflow in corrupted psd file (bsc#984427). - CVE-2014-9824: Heap overflow in psd file (bsc#984185). - CVE-2014-9809: SEGV due to corrupted xwd images. (bsc#983799). - CVE-2014-9826: Incorrect error handling in sun files (bsc#984186). - CVE-2014-9843: Incorrect boundary checks in DecodePSDPixels (bsc#984179). - CVE-2014-9842: Memory leak in psd handling (bsc#984374). - CVE-2014-9841: Throwing of exceptions in psd handling (bsc#984172). - CVE-2014-9840: Out of bound access in palm file (bsc#984433). - CVE-2014-9847: Incorrect handling of 'previous' image in the JNG decoder (bsc#984144). - CVE-2014-9846: Added checks to prevent overflow in rle file. (bsc#983521). - CVE-2014-9845: Crash due to corrupted dib file (bsc#984394). - CVE-2014-9844: Out of bound issue in rle file (bsc#984373). - CVE-2014-9849: Crash in png coder (bsc#984018). - CVE-2014-9848: Memory leak in quantum management (bsc#984404). - CVE-2014-9807: Double free in pdb coder. (bsc#983794). - CVE-2014-9829: Out of bound access in sun file (bsc#984409). - CVE-2014-9832: Heap overflow in pcx file (bsc#984183). - CVE-2014-9805: SEGV due to a corrupted pnm file. (bsc#983752). - CVE-2016-4564: The DrawImage function in MagickCore/draw.c in ImageMagick made an incorrect function call in attempting to locate the next token, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983308). - CVE-2016-4563: The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick mishandled the relationship between the BezierQuantum value and certain strokes data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983305). - CVE-2016-4562: The DrawDashPolygon function in MagickCore/draw.c in ImageMagick mishandled calculations of certain vertices integer data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983292). - CVE-2014-9839: Theoretical out of bound access in magick/colormap-private.h (bsc#984379). - CVE-2016-5689: NULL ptr dereference in dcm coder (bsc#985460). - CVE-2014-9837: Additional PNM sanity checks (bsc#984166). - CVE-2014-9835: Heap overflow in wpf file (bsc#984145). - CVE-2014-9828: Corrupted (too many colors) psd file (bsc#984028). - CVE-2016-5841: Integer overflow could have read to RCE (bnc#986609). - CVE-2016-5842: Out-of-bounds read in MagickCore/property.c:1396 could have lead to memory leak (bnc#986608). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 93179
    published 2016-08-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93179
    title SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2016:1784-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-883.NASL
    description ImageMagick was updated to fix 66 security issues. These security issues were fixed : - CVE-2014-9810: SEGV in dpx file handler. (bsc#983803). - CVE-2014-9811: Crash in xwd file handler (bsc#984032). - CVE-2014-9812: NULL pointer dereference in ps file handling (bsc#984137). - CVE-2014-9813: Crash on corrupted viff file (bsc#984035). - CVE-2014-9814: NULL pointer dereference in wpg file handling (bsc#984193). - CVE-2014-9815: Crash on corrupted wpg file (bsc#984372). - CVE-2014-9816: Out of bound access in viff image (bsc#984398). - CVE-2014-9817: Heap buffer overflow in pdb file handling (bsc#984400). - CVE-2014-9818: Out of bound access on malformed sun file (bsc#984181). - CVE-2014-9819: Heap overflow in palm files (bsc#984142). - CVE-2014-9830: Handling of corrupted sun file (bsc#984135). - CVE-2014-9831: Handling of corrupted wpg file (bsc#984375). - CVE-2014-9850: Incorrect thread limit logic (bsc#984149). - CVE-2014-9851: Crash when parsing resource block (bsc#984160). - CVE-2014-9852: Incorrect usage of object after it has been destroyed (bsc#984191). - CVE-2014-9853: Memory leak in rle file handling (bsc#984408). - CVE-2015-8902: PDB file DoS (CPU consumption) (bsc#983253). - CVE-2015-8903: Denial of service (cpu) in vicar (bsc#983259). - CVE-2015-8900: HDR file DoS (endless loop) (bsc#983232). - CVE-2015-8901: MIFF file DoS (endless loop) (bsc#983234). - CVE-2016-5688: Various invalid memory reads in ImageMagick WPG (bsc#985442). - CVE-2014-9834: Heap overflow in pict file (bsc#984436). - CVE-2014-9806: Prevent leak of file descriptor due to corrupted file. (bsc#983774). - CVE-2016-5687: Out of bounds read in DDS coder (bsc#985448). - CVE-2014-9838: Out of memory crash in magick/cache.c (bsc#984370). - CVE-2014-9854: Filling memory during identification of TIFF image (bsc#984184). - CVE-2015-8898: Prevent NULL pointer access in magick/constitute.c (bsc#983746). - CVE-2014-9833: Heap overflow in psd file (bsc#984406). - CVE-2015-8894: Double free in coders/tga.c:221 (bsc#983523). - CVE-2015-8895: Integer and Buffer overflow in coders/icon.c (bsc#983527). - CVE-2015-8896: Double free / integer truncation issue in coders/pict.c:2000 (bsc#983533). - CVE-2015-8897: Out of bounds error in SpliceImage (bsc#983739). - CVE-2016-5690: Bad foor loop in DCM coder (bsc#985451). - CVE-2016-5691: Checks for pixel.red/green/blue in dcm coder (bsc#985456). - CVE-2014-9836: Crash in xpm file handling (bsc#984023). - CVE-2014-9808: SEGV due to corrupted dpc images. (bsc#983796). - CVE-2014-9821: Avoid heap overflow in pnm files. (bsc#984014). - CVE-2014-9820: Heap overflow in xpm files (bsc#984150). - CVE-2014-9823: Heap overflow in palm file (bsc#984401). - CVE-2014-9822: Heap overflow in quantum file (bsc#984187). - CVE-2014-9825: Heap overflow in corrupted psd file (bsc#984427). - CVE-2014-9824: Heap overflow in psd file (bsc#984185). - CVE-2014-9809: SEGV due to corrupted xwd images. (bsc#983799). - CVE-2014-9826: Incorrect error handling in sun files (bsc#984186). - CVE-2014-9843: Incorrect boundary checks in DecodePSDPixels (bsc#984179). - CVE-2014-9842: Memory leak in psd handling (bsc#984374). - CVE-2014-9841: Throwing of exceptions in psd handling (bsc#984172). - CVE-2014-9840: Out of bound access in palm file (bsc#984433). - CVE-2014-9847: Incorrect handling of 'previous' image in the JNG decoder (bsc#984144). - CVE-2014-9846: Added checks to prevent overflow in rle file. (bsc#983521). - CVE-2014-9845: Crash due to corrupted dib file (bsc#984394). - CVE-2014-9844: Out of bound issue in rle file (bsc#984373). - CVE-2014-9849: Crash in png coder (bsc#984018). - CVE-2014-9848: Memory leak in quantum management (bsc#984404). - CVE-2014-9807: Double free in pdb coder. (bsc#983794). - CVE-2014-9829: Out of bound access in sun file (bsc#984409). - CVE-2014-9832: Heap overflow in pcx file (bsc#984183). - CVE-2014-9805: SEGV due to a corrupted pnm file. (bsc#983752). - CVE-2016-4564: The DrawImage function in MagickCore/draw.c in ImageMagick made an incorrect function call in attempting to locate the next token, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983308). - CVE-2016-4563: The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick mishandled the relationship between the BezierQuantum value and certain strokes data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983305). - CVE-2016-4562: The DrawDashPolygon function in MagickCore/draw.c in ImageMagick mishandled calculations of certain vertices integer data, which allowed remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file (bsc#983292). - CVE-2014-9839: Theoretical out of bound access in magick/colormap-private.h (bsc#984379). - CVE-2016-5689: NULL ptr dereference in dcm coder (bsc#985460). - CVE-2014-9837: Additional PNM sanity checks (bsc#984166). - CVE-2014-9835: Heap overflow in wpf file (bsc#984145). - CVE-2014-9828: Corrupted (too many colors) psd file (bsc#984028). - CVE-2016-5841: Integer overflow could have read to RCE (bnc#986609). - CVE-2016-5842: Out-of-bounds read in MagickCore/property.c:1396 could have lead to memory leak (bnc#986608). This update was imported from the SUSE:SLE-12:Update update project.
    last seen 2019-02-21
    modified 2016-12-05
    plugin id 92487
    published 2016-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92487
    title openSUSE Security Update : ImageMagick (openSUSE-2016-883)
refmap via4
confirm
mlist [oss-security] 20160602 Re: ImageMagick CVEs
Last major update 07-08-2017 - 16:29
Published 07-08-2017 - 16:29
Last modified 08-08-2017 - 12:20
Back to Top