Moshekaplan

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 6.9.7 **Description** A specially crafted sun file can trigger a heap-based buffer over-read. **Recommendations** For ImageMagick version 6.9.7, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.0.1-0 **Description** The issue concerns the ReadVIFFImage function in coders/viff.c, which can be exploited by remote attackers using a crafted file. This can lead to a denial of service, causing the application to crash, or potentially have other unspecified impacts. **Recommendations** For versions prior to 7.0.1-0, update to version 7.0.1-0 or later to resolve the issue. As a temporary workaround, consider restricting access to the ReadVIFFImage function in coders/viff.c until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service, specifically an out-of-bounds read, through vectors related to the number of pixels in the ReadRLEImage function. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file. This is due to a problem in the ReadVIFFImage function in coders/viff.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PICT file. This is due to a problem in the `EncodeImage` function in `coders/pict.c`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file. This is due to a problem in the ReadSUNImage function in coders/sun.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. This is due to a problem in the ReadRLEImage function in coders/rle.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** A heap-based buffer overflow issue exists, allowing remote attackers to cause a denial of service through an out-of-bounds read by using a crafted HDR file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** A heap-based buffer overflow issue exists, allowing remote attackers to cause a denial of service through an out-of-bounds read by using a crafted PSD file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file. This is due to a problem in the ReadPSDImage function in MagickCore/locale.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. This is due to a problem in the coders/meta.c file in ImageMagick. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. This is due to a problem in the coders/meta.c file in ImageMagick. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** A heap-based buffer overflow issue exists, allowing remote attackers to cause a denial of service through an out-of-bounds read by using a crafted PSD file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service through a crafted file, resulting in an out-of-bounds write. This is due to a problem in the coders/wpg.c file of ImageMagick. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file. This is due to a problem in the ReadPSDChannelPixels function in coders/psd.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service, resulting in a segmentation fault, by utilizing a crafted profile. This is related to the `magick/profile.c` component in ImageMagick. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service due to out-of-bounds access via a crafted PDB file. This is related to the `memory.c` file in MagickCore. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file. This is related to the `coders/psd.c` file in ImageMagick. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service, specifically an out-of-bounds read, by using a crafted file. This is related to the coders/wpg.c component in ImageMagick. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick (affected versions not specified) **Description** The issue concerns the `ReadVIFFImage` function in `coders/viff.c`, which allows remote attackers to cause a denial of service, resulting in a segmentation fault. This can be achieved through a crafted VIFF file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.