Jodie Cunningham

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 6.8.9-9 **Description** A heap overflow issue exists, which can be triggered by a crafted pcx file. **Recommendations** For ImageMagick version 6.8.9-9, update to a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** FreeXL versions prior to 1.0.0i **Description** The issue allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted sector in a workbook. **Recommendations** For versions prior to 1.0.0i, update to version 1.0.0i or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** FreeXL versions prior to 1.0.0i **Description** The issue allows remote attackers to cause a denial of service (stack corruption) and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF." **Recommendations** For versions prior to 1.0.0i, update to version 1.0.0i or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** FreeXL versions prior to 1.0.0i **Description** The issue allows remote attackers to cause a denial of service, specifically memory consumption, by exploiting a vulnerability in the parse SST function. This can be achieved through a crafted shared strings table in a workbook. **Recommendations** For versions prior to 1.0.0i, update to version 1.0.0i or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 6.8.9-9 **Description** The issue allows remote attackers to cause a denial of service due to out-of-bounds access in the magick/colormap-private.h file. **Recommendations** For ImageMagick version 6.8.9-9, consider updating to a newer version to mitigate the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 6.8.9-9 **Description** A heap overflow issue exists, which can be triggered by a crafted psd file. **Recommendations** For ImageMagick version 6.8.9-9, update to a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 6.8.9-9 **Description** The issue allows remote attackers to cause a denial of service, specifically an out-of-bounds access, by using a crafted palm file. **Recommendations** For ImageMagick version 6.8.9-9, consider updating to a newer version to mitigate the risk, however, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting the processing of palm files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 6.8.9-9 **Description** The issue is related to a heap overflow that can occur in ImageMagick via a crafted pict file. **Recommendations** For ImageMagick version 6.8.9-9, update to a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 6.8.9-9 **Description** The issue is related to a heap overflow that can occur in ImageMagick when processing a crafted wpf file. **Recommendations** For ImageMagick version 6.8.9-9, update to a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 6.8.9-9 **Description** The issue allows remote attackers to cause a denial of service via a crafted xpm file. **Recommendations** For ImageMagick version 6.8.9-9, consider updating to a newer version to mitigate the risk of denial of service attacks.