UbuntuUpdates.org

Bugs fixes in "graphicsmagick"

Origin Bug number Title Date fixed
CVE CVE-2016-8684 The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which t 2018-11-05
CVE CVE-2016-8683 The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which trig 2018-11-05
CVE CVE-2016-8682 The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a cr 2018-11-05
CVE CVE-2016-7997 The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vec 2018-11-05
CVE CVE-2016-7996 Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a col 2018-11-05
CVE CVE-2016-7800 Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of servic 2018-11-05
CVE CVE-2016-7449 The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) vi 2018-11-05
CVE CVE-2016-7448 The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations 2018-11-05
CVE CVE-2016-7447 Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via u 2018-11-05
CVE CVE-2016-7446 Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. No 2018-11-05
CVE CVE-2016-5241 magick/render.c in GraphicsMagick before 1.3.24 allows remote attackers to cause a denial of service (arithmetic exception and application crash) via 2018-11-05
CVE CVE-2016-5240 The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a 2018-11-05
CVE CVE-2016-5239 The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspeci 2018-11-05
CVE CVE-2016-5118 popen() shell vulnerability via filename 2018-11-05
CVE CVE-2016-3718 The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery ( 2018-11-05
CVE CVE-2016-3717 The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image. 2018-11-05
CVE CVE-2016-3716 The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image. 2018-11-05
CVE CVE-2016-3715 The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image. 2018-11-05
CVE CVE-2016-3714 The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 2018-11-05
CVE CVE-2016-2318 GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) Draw 2018-11-05



About   -   Send Feedback to @ubuntu_updates