FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  452465
Date:      2017-10-19
Time:      19:59:15Z
Committer: swills

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
0d724b05-687f-4527-9c03-af34d3b094ecImageMagick -- multiple vulnerabilities

Openwall reports:

Insufficient filtering for filename passed to delegate's command allows remote code execution during conversion of several file formats. Any service which uses ImageMagick to process user supplied images and uses default delegates.xml / policy.xml, may be vulnerable to this issue.

It is possible to make ImageMagick perform a HTTP GET or FTP request

It is possible to delete files by using ImageMagick's 'ephemeral' pseudo protocol which deletes files after reading.

It is possible to move image files to file with any extension in any folder by using ImageMagick's 'msl' pseudo protocol. msl.txt and image.gif should exist in known location - /tmp/ for PoC (in real life it may be web service written in PHP, which allows to upload raw txt files and process images with ImageMagick).

It is possible to get content of the files from the server by using ImageMagick's 'label' pseudo protocol.


Discovery 2016-05-03
Entry 2016-05-06
Modified 2016-05-07
ImageMagick
ImageMagick-nox11
lt 6.9.3.9_1,1

ImageMagick7
ImageMagick7-nox11
ge 7.0.0.0.b20150715 lt 7.0.1.0_1

CVE-2016-3714
CVE-2016-3715
CVE-2016-3716
CVE-2016-3717
CVE-2016-3718
http://www.openwall.com/lists/oss-security/2016/05/03/18
https://imagetragick.com/
10f7f782-901c-11e6-a590-14dae9d210b8ImageMagick -- multiple vulnerabilities

Debian reports:

Various memory handling problems and cases of missing or incomplete input sanitizing may result in denial of service or the execution of arbitrary code if malformed SIXEL, PDB, MAP, SGI, TIFF and CALS files are processed.


Discovery 2016-09-23
Entry 2016-10-12
Modified 2016-10-18
ImageMagick
ImageMagick-nox11
lt 6.9.5.10,1

https://www.debian.org/security/2016/dsa-3675
ports/213032
16fb4f83-a2ab-11e7-9c14-009c02a2ab30ImageMagick -- denial of service via a crafted font file

MITRE reports:

The ReadCAPTIONImage function in coders/caption.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via a crafted font file.


Discovery 2017-09-21
Entry 2017-09-26
ImageMagick7
lt 7.0.7.4

ImageMagick7-nox11
lt 7.0.7.4

ImageMagick
le 6.9.8.9_1

ImageMagick-nox11
le 6.9.8.9_1

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14741
https://github.com/ImageMagick/ImageMagick/issues/771
https://github.com/ImageMagick/ImageMagick/commit/7d8e14899c562157c7760a77fc91625a27cb596f
https://github.com/ImageMagick/ImageMagick/commit/bb11d07139efe0f5e4ce0e4afda32abdbe82fa9d
CVE-2017-14741
19d35b0f-ba73-11e6-b1cf-14dae9d210b8ImageMagick -- heap overflow vulnerability

Bastien Roucaries reports:

Imagemagick before 3cbfb163cff9e5b8cdeace8312e9bfee810ed02b suffer from a heap overflow in WaveletDenoiseImage(). This problem is easily trigerrable from a Perl script.


Discovery 2016-11-13
Entry 2016-12-04
ImageMagick
ImageMagick-nox11
lt 6.9.6.4,1

ImageMagick7
ImageMagick7-nox11
lt 7.0.3.7

http://seclists.org/oss-sec/2016/q4/413
https://github.com/ImageMagick/ImageMagick/issues/296
CVE-2016-9298
ports/214517
ports/214511
ports/214520
50776801-4183-11e7-b291-b499baebfeafImageMagick -- multiple vulnerabilities

Please reference CVE/URL list for details


Discovery 2017-03-05
Entry 2017-05-25
Modified 2017-05-29
ImageMagick
ImageMagick-nox11
lt 6.9.6.4_2,1

ge 6.9.7.0,1 lt 6.9.8.8,1

ImageMagick7
ImageMagick7-nox11
lt 7.0.5.9

https://nvd.nist.gov/vuln/search/results?query=ImageMagick
CVE-2017-5506
CVE-2017-5507
CVE-2017-5508
CVE-2017-5509
CVE-2017-5510
CVE-2017-5511
CVE-2017-6497
CVE-2017-6498
CVE-2017-6499
CVE-2017-6500
CVE-2017-6501
CVE-2017-6502
CVE-2017-7275
CVE-2017-7606
CVE-2017-7619
CVE-2017-7941
CVE-2017-7942
CVE-2017-7943
CVE-2017-8343
CVE-2017-8344
CVE-2017-8345
CVE-2017-8346
CVE-2017-8347
CVE-2017-8348
CVE-2017-8349
CVE-2017-8350
CVE-2017-8351
CVE-2017-8352
CVE-2017-8353
CVE-2017-8354
CVE-2017-8355
CVE-2017-8356
CVE-2017-8357
CVE-2017-8765
CVE-2017-8830
CVE-2017-9141
CVE-2017-9142
CVE-2017-9143
CVE-2017-9144
5140dc69-b65e-11e1-9425-001b21614864ImageMagick -- multiple vulnerabilities

ImageMagick reports:

Three vulnerabilities have been identified in ImageMagick's handling of JPEG and TIFF files. With these vulnerabilities, it is possible to cause a denial of service situation in the target system.


Discovery 2012-03-28
Entry 2012-06-14
Modified 2014-04-30
ImageMagick
lt 6.7.6.4

ImageMagick-nox11
lt 6.7.6.4

CVE-2012-0259
CVE-2012-0260
CVE-2012-1798
http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629
http://www.cert.fi/en/reports/2012/vulnerability635606.html
82b702e0-1907-11e6-857b-00221503d280imagemagick -- buffer overflow

ImageMagick reports:

Fix a buffer overflow in magick/drag.c/DrawStrokePolygon().


Discovery 2016-05-09
Entry 2016-05-13
ImageMagick
ImageMagick-nox11
lt 6.9.4.1,1

ImageMagick7
ImageMagick7-nox11
ge 7.0.0.0.b20150715 lt 7.0.1.3

http://legacy.imagemagick.org/script/changelog.php
98690c45-0361-11e2-a391-000c29033c32ImageMagick and GraphicsMagick -- DoS via specially crafted PNG file

Kurt Seifried reports:

There is an issue in ImageMagick that is also present in GraphicsMagick. CVE-2011-3026 deals with libpng memory allocation, and limitations have been added so that a bad PNG can't cause the system to allocate a lot of memory and a denial of service. However on further investigation of ImageMagick, Tom Lane found that PNG malloc function (Magick_png_malloc) in turn calls AcquireMagickMemory with an improper size argument.


Discovery 2012-07-28
Entry 2012-09-20
Modified 2014-04-30
ImageMagick
le 6.7.8.6

ImageMagick-nox11
le 6.7.8.6

GraphicsMagick
ge 1.3.0 le 1.3.16

GraphicsMagick-nox11
ge 1.3.0 le 1.3.16

CVE-2012-3438
https://bugzilla.redhat.com/show_bug.cgi?id=844105
54716
http://secunia.com/advisories/50090
http://xforce.iss.net/xforce/xfdb/77259
http://osvdb.org/show/osvdb/84323
a713c0f9-ec54-11d8-9440-000347a4fa7dImageMagick png vulnerability fix

Glenn Randers-Pehrson has contributed a fix for the png vulnerabilities discovered by Chris Evans.


Discovery 2004-08-04
Entry 2004-08-04
Modified 2004-08-12
ImageMagick
ImageMagick-nox11
lt 6.0.4.2

http://studio.imagemagick.org/pipermail/magick-users/2004-August/013218.html
http://freshmeat.net/releases/169228
http://secunia.com/advisories/12236
http://www.freebsd.org/ports/portaudit/f9e3e60b-e650-11d8-9b0a-000347a4fa7d.html
b6cad7f3-fb59-11d8-9837-000c41e2cdadImageMagick -- BMP decoder buffer overflow

Marcus Meissner discovered that ImageMagick's BMP decoder would crash when loading the test BMP file created by Chris Evans for testing the previous Qt vulnerability.


Discovery 2004-08-25
Entry 2004-08-31
Modified 2004-09-14
ImageMagick
ImageMagick-nox11
lt 6.0.6.2

CVE-2004-0827
http://www.imagemagick.org/www/Changelog.html
f5b29ec0-71f9-11dc-8c6a-00304881ac9aImageMagick -- multiple vulnerabilities

Multiple vulnerabilities have been discovered in ImageMagick.

ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls.

Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-based buffer overflow.

Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address.

Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow.


Discovery 2007-09-19
Entry 2007-10-10
ImageMagick
ImageMagick-nox11
lt 6.3.5.9

CVE-2007-4985
CVE-2007-4986
CVE-2007-4987
CVE-2007-4988
http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html