Galycannon

**Name of the Vulnerable Software and Affected Versions** FreeImage version 3.18.0 **Description** The issue allows remote attackers to run arbitrary code and cause other impacts via a crafted image file, exploiting a Buffer Overflow vulnerability in the `LoadRGB` function in `PluginDDS.cpp`. **Recommendations** For FreeImage version 3.18.0, consider disabling the `LoadRGB` function in `PluginDDS.cpp` as a temporary workaround until a patch is available. Restrict access to processing crafted image files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FreeImage version 3.18.0 **Description** The issue is a Buffer Overflow vulnerability in the function `C IStream::read` in `PluginEXR.cpp`. This allows remote attackers to run arbitrary code and cause other impacts via a crafted image file. **Recommendations** For FreeImage version 3.18.0, consider updating to a newer version that contains a fix for this issue, as using a crafted image file could allow remote attackers to run arbitrary code. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FreeImage version 3.18.0 **Description** The issue is a Buffer Overflow vulnerability in the `LoadPixelDataRLE8` function in `PluginBMP.cpp`. This allows remote attackers to run arbitrary code and cause other impacts via a crafted image file. **Recommendations** For FreeImage version 3.18.0, consider updating to a newer version to mitigate the risk, as the current version contains a vulnerable function `LoadPixelDataRLE8` in `PluginBMP.cpp`. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick version 1.4 snapshot-20190403 Q8 **Description** The issue is related to a use-after-free in the `ThrowException` and `ThrowLoggedException` functions of `magick/error.c`. This could potentially allow a remote attacker to gain unauthorized access to information and compromise its integrity and availability. **Recommendations** For GraphicsMagick version 1.4 snapshot-20190403 Q8, consider disabling the `ThrowException` and `ThrowLoggedException` functions as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick versions 1.4 snapshot-20190423 Q8 **Description** The issue is related to a heap-based buffer overflow in the `ImportRLEPixels` function, which can be exploited by a remote attacker to gain unauthorized access to information, compromising its integrity and availability. **Recommendations** For GraphicsMagick version 1.4 snapshot-20190423 Q8, consider disabling the `ImportRLEPixels` function as a temporary workaround until a patch is available. Restrict access to the `coders/miff.c` module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick versions 1.4 snapshot-20191208 Q8 **Description** The issue is related to a heap-based buffer over-read in the `EncodeImage` function. This can allow a remote attacker to gain unauthorized access to information and compromise its integrity and availability. **Recommendations** For GraphicsMagick version 1.4 snapshot-20191208 Q8, consider disabling the `EncodeImage` function until a patch is available to prevent potential exploitation.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.9-7 Q16 **Description** The issue is related to a use-after-free in the function MngInfoDiscardObject of coders/png.c, specifically when handling ReadOneMNGImage. **Recommendations** For ImageMagick version 7.0.9-7 Q16, as a temporary workaround, consider disabling the MngInfoDiscardObject function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.8-43 Q16 **Description** The issue is related to a heap-based buffer overflow in the `WriteSGIImage` function of `coders/sgi.c`. This can be exploited by a remote attacker to access confidential data, compromise data integrity, and cause a denial of service. **Recommendations** For ImageMagick version 7.0.8-43 Q16, consider disabling the `WriteSGIImage` function as a temporary workaround until a patch is available. Restrict access to the `sgi.c` coder to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions 7.0.8-43 Q16 **Description** The issue is related to a heap-based buffer over-read in the `WritePNGImage` function, which can allow a remote attacker to access confidential data and cause a denial of service. The problem is associated with the `Magick png write raw profile` and `LocaleNCompare` functions. **Recommendations** For ImageMagick version 7.0.8-43 Q16, consider disabling the `WritePNGImage` function as a temporary workaround until a patch is available. Restrict access to the `coders/png.c` module to minimize the risk of exploitation. Avoid using the `LocaleNCompare` function in the affected `WritePNGImage` function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.8-43 Q16 **Description** The issue is related to a heap-based buffer over-read in the `WriteTIFFImage` function of `coders/tiff.c`. This allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. The vulnerability can be exploited by a remote attacker to gain access to confidential information or disrupt service. **Recommendations** For ImageMagick version 7.0.8-43 Q16, consider disabling the `WriteTIFFImage` function in `coders/tiff.c` as a temporary workaround until a patch is available. Restrict access to handling crafted image files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions 7.0.8-40 Q16 **Description** The issue is related to a heap-based buffer over-read in the `WritePNMImage` function of `coders/pnm.c`, which can be exploited by an attacker to cause a denial of service or possibly disclose protected information via a crafted image file. This issue is also related to the `SetGrayscaleImage` function in `MagickCore/quantize.c`. **Recommendations** For ImageMagick version 7.0.8-40 Q16, consider disabling the `WritePNMImage` function until a patch is available to prevent potential exploitation. As a temporary workaround, restrict the use of crafted image files to minimize the risk of denial of service or information disclosure.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick versions 1.3.8 through 1.4 snapshot-20190403 Q8 **Description** The issue is related to a heap-based buffer overflow in the `WritePDBImage` function, which can be exploited by an attacker to cause a denial of service or potentially have other unspecified impacts. This can be achieved via a crafted image file. The `MagickBitStreamMSBWrite` function in `magick/bit stream.c` is also related to this issue. **Recommendations** For GraphicsMagick versions 1.3.8 through 1.4 snapshot-20190403 Q8, consider restricting the use of the `WritePDBImage` function until a patch is available to prevent potential exploitation. Additionally, avoid using crafted image files that could trigger the buffer overflow in the `WritePDBImage` function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick versions 1.3.30 through 1.4 snapshot-20190403 Q8 **Description** The issue is related to a heap-based buffer overflow in the `WriteMATLABImage` function, located in `coders/mat.c`, which can be triggered by a crafted image file. This may allow an attacker to cause a denial of service or have other unspecified impacts. The vulnerability is also related to `ExportRedQuantumType` in `magick/export.c`. **Recommendations** For GraphicsMagick versions 1.3.30 through 1.4 snapshot-20190403 Q8, consider disabling the `WriteMATLABImage` function as a temporary workaround until a patch is available. Restrict the use of crafted image files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick version 1.4 snapshot-20190322 Q8 **Description** The issue is related to a heap-based buffer over-read in the `ReadMNGImage` function of `coders/png.c`. This allows attackers to cause a denial of service or information disclosure via an image colormap. The vulnerability can be exploited by a remote attacker to gain unauthorized access to information and disrupt its availability. **Recommendations** For GraphicsMagick version 1.4 snapshot-20190322 Q8, consider disabling the `ReadMNGImage` function as a temporary workaround until a patch is available. Restrict access to image colormaps to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick version 1.4 snapshot-20190322 Q8 **Description** The issue is related to a heap-based buffer overflow in the `WriteXWDImage` function of `coders/xwd.c`. This allows remote attackers to cause a denial of service, potentially leading to an application crash, or possibly have other unspecified impacts via a crafted image file. The vulnerability can also be exploited to gain access to confidential information or disrupt service. **Recommendations** For GraphicsMagick version 1.4 snapshot-20190322 Q8, as a temporary workaround, consider disabling the `WriteXWDImage` function until a patch is available. Restrict access to crafted image files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick versions 1.4 snapshot-20190322 Q8 **Description** The issue is related to a heap-based buffer over-read in the `ReadMIFFImage` function, which can be exploited by remote attackers to cause a denial of service or disclose information via an RLE packet. This can potentially allow unauthorized access to information and disrupt its integrity and availability. **Recommendations** For GraphicsMagick version 1.4 snapshot-20190322 Q8, consider disabling the `ReadMIFFImage` function as a temporary workaround until a patch is available. Restrict access to the `coders/miff.c` module to minimize the risk of exploitation. Avoid using RLE packets in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick versions 1.4 snapshot-20190322 Q8 and earlier **Description** The issue is related to a buffer overflow in the `SVGStartElement` function of the GraphicsMagick graphic editor, which can be exploited by a remote attacker to gain unauthorized access to information, compromise its integrity and availability, or cause a denial of service (application crash) via a quoted font family value in the `coders/svg.c` file. **Recommendations** For GraphicsMagick version 1.4 snapshot-20190322 Q8 and earlier, consider disabling the `SVGStartElement` function as a temporary workaround until a patch is available. Restrict access to the `coders/svg.c` file to minimize the risk of exploitation. Avoid using quoted font family values in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick versions 1.4 snapshot-20190322 Q8 and earlier **Description** The issue is related to a heap-based buffer over-read in the `ReadXWDImage` function, which can be exploited by attackers using a specially crafted image file. This could allow remote attackers to gain unauthorized access to information, compromise its integrity, and affect its availability. The exploitation can also lead to a denial of service. **Recommendations** For GraphicsMagick version 1.4 snapshot-20190322 Q8 and earlier, consider disabling the `ReadXWDImage` function until a patch is available to prevent potential exploitation. Restrict access to the `coders/xwd.c` module to minimize the risk of denial of service or information disclosure via crafted image files. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick versions 1.4 snapshot-20190322 Q8 **Description** The issue is related to a memory leak in the `ReadMPCImage` function of the GraphicsMagick graphic editor, which can be exploited by a remote attacker using a specially crafted image file, potentially leading to a denial of service. **Recommendations** For GraphicsMagick version 1.4 snapshot-20190322 Q8, consider disabling the `ReadMPCImage` function until a patch is available to prevent potential denial of service attacks via crafted image files.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.8-36 Q16 **Description** The issue is related to a heap-based buffer over-read in the `WriteTIFFImage` function of `coders/tiff.c`. This allows an attacker to cause a denial of service or information disclosure via a crafted image file. The vulnerability is also associated with inadequate input data validation, which can be exploited by a remote attacker to breach data confidentiality and cause a denial of service using a specially crafted file. **Recommendations** For ImageMagick version 7.0.8-36 Q16, consider disabling the `WriteTIFFImage` function in `coders/tiff.c` as a temporary workaround to prevent potential exploitation until a patch is available. Restrict access to handling crafted image files to minimize the risk of denial of service or information disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.