Moshe Kaplan

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.0.5-0 **Description** The issue is caused by an integer truncation problem in the coders/pict.c file, allowing remote attackers to cause a denial of service by crashing the application via a crafted .pict file. This can be exploited by using negative numbers when specifying the size of a field, potentially enabling an attacker to forge cross-site requests using a specially crafted pict file. **Recommendations** For versions prior to 7.0.5-0, update to version 7.0.5-0 or later to resolve the issue. As a temporary workaround, consider restricting the use of .pict files or disabling the vulnerable coders/pict.c module until a patch is applied. Avoid using negative numbers when specifying field sizes in the affected module to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions 7.0.0 and later **Description** The issue is related to a double free vulnerability in the coders/tga.c file, which can be exploited by remote attackers to cause a denial of service, resulting in an application crash. This can be achieved through a crafted tga file. **Recommendations** For ImageMagick versions 7.0.0 and later, consider avoiding the use of the tga file format until a patch is available. As a temporary workaround, restrict access to the coders/tga.c file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions 6.9.1-3 and later **Description** The issue is caused by an integer overflow in the ImageMagick console graphic editor. This can be exploited by a remote attacker to cause a denial of service (application crash) by providing large input data. The vulnerability is triggered by a crafted length value that causes a buffer overflow in the coders/icon.c file. **Recommendations** For ImageMagick versions 6.9.1-3 and later, consider restricting the input data size to prevent large inputs from causing the application to crash. As a temporary workaround, restrict access to the `coders/icon.c` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 1.8.x through 1.8.12 Wireshark versions 1.10.x through 1.10.5 **Description** The issue is related to the nfs name snoop add name function in the NFS dissector, which does not validate a certain length value. This allows remote attackers to cause a denial of service, resulting in memory corruption and application crash, via a crafted NFS packet. **Recommendations** For Wireshark versions 1.8.x through 1.8.12, update to version 1.8.13 or later. For Wireshark versions 1.10.x through 1.10.5, update to version 1.10.6 or later.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 1.8.x through 1.8.6 **Description** The issue is related to multiple integer overflows that can cause a denial of service, resulting in an application crash or loop, when a malformed packet is processed. This is associated with the Websocket, MySQL, and ETCH dissectors. **Recommendations** For Wireshark versions 1.8.x through 1.8.6, update to version 1.8.7 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 1.6.x through 1.6.13 Wireshark versions 1.8.x through 1.8.5 **Description** The issue allows remote attackers to cause a denial of service, resulting in an infinite loop, via a malformed packet. This is due to a problem in the AMPQ dissector. **Recommendations** For Wireshark versions 1.6.x through 1.6.13, update to version 1.6.14 or later. For Wireshark versions 1.8.x through 1.8.5, update to version 1.8.6 or later.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 1.6.x through 1.6.13 Wireshark versions 1.8.x through 1.8.5 **Description** The issue allows remote attackers to cause a denial of service, resulting in an application crash, via a malformed packet. This is due to a problem in the CIMD dissector. **Recommendations** For Wireshark versions 1.6.x through 1.6.13, update to version 1.6.14 or later. For Wireshark versions 1.8.x through 1.8.5, update to version 1.8.6 or later.