what you don't know can hurt you
Showing 1 - 4 of 4 RSS Feed

CVE-2014-8354

Status Candidate

Overview

The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.

Related Files

Ubuntu Security Notice USN-3131-1
Posted Nov 21, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3131-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2014-8354, CVE-2014-8355, CVE-2014-8562, CVE-2014-8716, CVE-2014-9805, CVE-2014-9806, CVE-2014-9807, CVE-2014-9808, CVE-2014-9809, CVE-2014-9810, CVE-2014-9811, CVE-2014-9812, CVE-2014-9813, CVE-2014-9814, CVE-2014-9815, CVE-2014-9816, CVE-2014-9817, CVE-2014-9818, CVE-2014-9819, CVE-2014-9820, CVE-2014-9821, CVE-2014-9822, CVE-2014-9823, CVE-2014-9826, CVE-2014-9828, CVE-2014-9829, CVE-2014-9830, CVE-2014-9831
MD5 | ec420c29d0eba004cc6f15242b4d4ba6
Mandriva Linux Security Advisory 2015-105
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-105 - A buffer overflow flaw was found in the way ImageMagick handled PSD images that use RLE encoding. An attacker could create a malicious PSD image file that, when opened in ImageMagick, would cause ImageMagick to crash or, potentially, execute arbitrary code with the privileges of the user running ImageMagick. A buffer overflow flaw was found in the way ImageMagick writes PSD images when the input data has a large number of unlabeled layers. ImageMagick is vulnerable to a denial of service due to out-of-bounds memory accesses in the resize code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2014-1958, CVE-2014-2030, CVE-2014-8354, CVE-2014-8355, CVE-2014-8562, CVE-2014-8716
MD5 | 26e176170d1e4c2dfb1e072c07607d99
Mandriva Linux Security Advisory 2014-226
Posted Nov 25, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-226 - ImageMagick is vulnerable to a denial of service due to out-of-bounds memory accesses in the resize code, PCX parser , DCM decoder, and JPEG decoder.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2014-8354, CVE-2014-8355, CVE-2014-8562, CVE-2014-8716
MD5 | 6310637cef83e9d3965fd5693788a39b
ImageMagick Out-Of-Bounds Read / Heap Overflow
Posted Nov 4, 2014
Authored by Hanno Boeck | Site hboeck.de

ImageMagick is vulnerable to an out of bounds read / heap overflow in the function HorizontalFilter() in the file resize.c. It is triggered if an image has dimensions 0x0. The issue has been found with the help of Address Sanitizer and the fuzzing tool zzuf.

tags | advisory, overflow
advisories | CVE-2014-8354, CVE-2014-8355, CVE-2014-8561, CVE-2014-8562
MD5 | e1ff855f01c65563219957c5d0ebf816
Page 1 of 1
Back1Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    18 Files
  • 3
    Apr 3rd
    0 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    0 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close