Zhouatop

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 6.9.9-5 and 7.0.6-5 **Description** The issue is related to the ProcessMSLScript function in coders/msl.c, which allows remote attackers to cause a denial of service (memory leak) via a crafted file. This is due to a buffer overflow in memory. The exploitation of this issue can lead to a denial of service, resulting in memory loss, by using a specially formed file related to the ProcessMSLScript function. **Recommendations** For versions prior to 6.9.9-5, update to version 6.9.9-5 or later. For versions prior to 7.0.6-5, update to version 7.0.6-5 or later. As a temporary workaround, consider restricting the use of the ProcessMSLScript function in coders/msl.c until a patch is available.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions 7.0.6-4 **Description** The issue is related to the WritePICONImage function in coders/xpm.c, which is caused by a buffer overflow in memory. This can be exploited by a remote attacker using a specially crafted file, leading to a denial of service (memory leak) due to incorrect handling in the AcquireSemaphoreInfo call. **Recommendations** For ImageMagick version 7.0.6-4, consider disabling the WritePICONImage function as a temporary workaround until a patch is available. Restrict access to the coders/xpm.c module to minimize the risk of exploitation. Avoid using the AcquireSemaphoreInfo call with untrusted input until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.6-4 **Description** The issue is related to the WritePICONImage function in coders/xpm.c, which can cause a denial of service due to a memory leak. This occurs when a crafted file is mishandled in an OpenPixelCache call, allowing remote attackers to exploit the vulnerability. The exploitation can lead to a memory leak, resulting in a denial of service. **Recommendations** For ImageMagick version 7.0.6-4, consider disabling the WritePICONImage function as a temporary workaround until a patch is available. Restrict access to the OpenPixelCache call to minimize the risk of exploitation. Avoid using the coders/xpm.c module with untrusted files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions 7.0.6-4 **Description** The issue is related to the GetImageDepth function in MagickCore/attribute.c, which can cause a denial of service due to a heap-based buffer over-read when processing a specially crafted Flexible Image Transport System (FITS) file. This can be exploited by a remote attacker. **Recommendations** For ImageMagick version 7.0.6-4, consider disabling the GetImageDepth function in MagickCore/attribute.c as a temporary workaround until a patch is available. Restrict access to processing FITS files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.0.6-4 **Description** The issue is related to the ReadMAGICKImage function in coders/magick.c, which can cause a denial of service due to a memory leak when processing a crafted file. This can be exploited by remote attackers to disrupt service. **Recommendations** For ImageMagick version 7.0.6-4, consider disabling the ReadMAGICKImage function as a temporary workaround until a patch is available. Restrict access to crafted files that could exploit this issue to minimize the risk of disruption. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** yaml-cpp versions 0.5.3 and earlier **Description** The issue allows remote attackers to cause a denial of service, resulting in an assertion failure and application exit. This is achieved by providing a specific string, '!2', which exploits the `Token& Scanner::peek` function in scanner.cpp. **Recommendations** For yaml-cpp versions 0.5.3 and earlier, consider updating to a newer version to resolve the issue. As a temporary workaround, restrict the input to the `Token& Scanner::peek` function to prevent the '!2' string from being processed.