svn commit: r441717 - head/security/vuxml
Bernard Spil
brnrd at FreeBSD.org
Thu May 25 20:51:50 UTC 2017
Author: brnrd
Date: Thu May 25 20:51:48 2017
New Revision: 441717
URL: https://svnweb.freebsd.org/changeset/ports/441717
Log:
security/vuxml: Document ImageMagick vulnerabilities
PR: 219497
Reported by: dani <i.dani at outlook.com>
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Thu May 25 20:34:46 2017 (r441716)
+++ head/security/vuxml/vuln.xml Thu May 25 20:51:48 2017 (r441717)
@@ -58,6 +58,182 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="50776801-4183-11e7-b291-b499baebfeaf">
+ <topic>imagemagick -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>imagemagick</name>
+ <range><lt>6.9.8.6</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <blockquote cite="https://nvd.nist.gov/vuln/search/results?query=ImageMagick">
+ <ul>
+ <li>CVE-2017-5506: Double free vulnerability in magick/profile.c in
+ ImageMagick allows remote attackers to have unspecified impact via
+ a crafted file.</li>
+ <li>CVE-2017-5507: Memory leak in coders/mpc.c in ImageMagick before
+ 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a
+ denial of service (memory consumption) via vectors involving a
+ pixel cache.</li>
+ <li>CVE-2017-5508: Heap-based buffer overflow in the
+ PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x
+ before 7.0.4-3 allows remote attackers to cause a denial of
+ service (application crash) via a crafted TIFF file.</li>
+ <li>CVE-2017-5509: coders/psd.c in ImageMagick allows remote
+ attackers to have unspecified impact via a crafted PSD file, which
+ triggers an out-of-bounds write.</li>
+ <li>CVE-2017-5510: coders/psd.c in ImageMagick allows remote
+ attackers to have unspecified impact via a crafted PSD file, which
+ triggers an out-of-bounds write.</li>
+ <li>CVE-2017-5511: coders/psd.c in ImageMagick allows remote
+ attackers to have unspecified impact by leveraging an improper
+ cast, which triggers a heap-based buffer overflow.</li>
+ <li>CVE-2017-6497: An issue was discovered in ImageMagick 6.9.7.
+ A specially crafted psd file could lead to a NULL pointer
+ dereference (thus, a DoS).</li>
+ <li>CVE-2017-6498: An issue was discovered in ImageMagick 6.9.7.
+ Incorrect TGA files could trigger assertion failures, thus leading
+ to DoS.</li>
+ <li>CVE-2017-6499: An issue was discovered in Magick++ in
+ ImageMagick 6.9.7. A specially crafted file creating a nested
+ exception could lead to a memory leak (thus, a DoS).</li>
+ <li>CVE-2017-6500: An issue was discovered in ImageMagick 6.9.7.
+ A specially crafted sun file triggers a heap-based
+ buffer over-read.</li>
+ <li>CVE-2017-6501: An issue was discovered in ImageMagick 6.9.7.
+ A specially crafted xcf file could lead to a NULL pointer
+ dereference.</li>
+ <li>CVE-2017-6502: An issue was discovered in ImageMagick 6.9.7.
+ A specially crafted webp file could lead to a file-descriptor
+ leak in libmagickcore (thus, a DoS).</li>
+ <li>CVE-2017-7275: The ReadPCXImage function in coders/pcx.c in
+ ImageMagick 7.0.4.9 allows remote attackers to cause a denial of
+ service (attempted large memory allocation and application crash)
+ via a crafted file. NOTE: this vulnerability exists because of an
+ incomplete fix for CVE-2016-8862 and CVE-2016-8866.</li>
+ <li>CVE-2017-7606: coders/rle.c in ImageMagick 7.0.5-4 has an
+ "outside the range of representable values of type unsigned char"
+ undefined behavior issue, which might allow remote attackers to
+ cause a denial of service (application crash) or possibly have
+ unspecified other impact via a crafted image.</li>
+ <li>CVE-2017-7619: In ImageMagick 7.0.4-9, an infinite loop can
+ occur because of a floating-point rounding error in some of the
+ color algorithms. This affects ModulateHSL, ModulateHCL,
+ ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB,
+ ModulateLCHab, and ModulateLCHuv.</li>
+ <li>CVE-2017-7941: The ReadSGIImage function in sgi.c allows remote
+ attackers to consume an amount of available memory via a crafted
+ file.</li>
+ <li>CVE-2017-7942: The ReadAVSImage function in avs.c allows remote
+ attackers to consume an amount of available memory via a crafted
+ file.</li>
+ <li>CVE-2017-7943: The ReadSVGImage function in svg.c allows remote
+ attackers to consume an amount of available memory via a crafted
+ file.</li>
+ <li>CVE-2017-8343: ReadAAIImage function in aai.c allows attackers
+ to cause a denial of service (memory leak) via a crafted file.</li>
+ <li>CVE-2017-8344: ReadPCXImage function in pcx.c allows attackers
+ to cause a denial of service (memory leak) via a crafted file. The
+ ReadMNGImage function in png.c allows attackers to cause a denial
+ of service (memory leak) via a crafted file.</li>
+ <li>CVE-2017-8345: ReadMNGImage function in png.c allows attackers
+ to cause a denial of service (memory leak) via a crafted file.</li>
+ <li>CVE-2017-8346: ReadMATImage function in mat.c allows attackers
+ to cause a denial of service (memory leak) via a crafted file.</li>
+ <li>CVE-2017-8347: ReadMATImage function in mat.c allows attackers
+ to cause a denial of service (memory leak) via a crafted file. </li>
+ <li>CVE-2017-8348: ReadMATImage function in mat.c allows attackers
+ to cause a denial of service (memory leak) via a crafted file.</li>
+ <li>CVE-2017-8349: ReadSFWImage function in sfw.c allows attackers
+ to cause a denial of service (memory leak) via a crafted file.</li>
+ <li>CVE-2017-8350: ReadJNGImage function in png.c allows attackers
+ to cause a denial of service (memory leak) via a crafted file.</li>
+ <li>CVE-2017-8351: ReadPCDImage function in pcd.c allows attackers
+ to cause a denial of service (memory leak) via a crafted file.</li>
+ <li>CVE-2017-8352: ReadXWDImage function in xwd.c allows attackers
+ to cause a denial of service (memory leak) via a crafted file.</li>
+ <li>CVE-2017-8353: ReadPICTImage function in pict.c allows attackers
+ to cause a denial of service (memory leak) via a crafted file.</li>
+ <li>CVE-2017-8354: ReadBMPImage function in bmp.c allows attackers
+ to cause a denial of service (memory leak) via a crafted file.</li>
+ <li>CVE-2017-8355: ReadMTVImage function in mtv.c allows attackers
+ to cause a denial of service (memory leak) via a crafted file.</li>
+ <li>CVE-2017-8356: ReadSUNImage function in sun.c allows attackers
+ to cause a denial of service (memory leak) via a crafted file.</li>
+ <li>CVE-2017-8357: ReadEPTImage function in ept.c allows attackers
+ to cause a denial of service (memory leak) via a crafted file.</li>
+ <li>CVE-2017-8365: The function named ReadICONImage in coders\icon.c
+ has a memory leak vulnerability which can cause memory exhaustion
+ via a crafted ICON file.</li>
+ <li>CVE-2017-8830: ReadBMPImage function in bmp.c:1379 allows
+ attackers to cause a denial of service (memory leak) via a crafted
+ file.</li>
+ <li>CVE-2017-9141: A crafted file could trigger an assertion failure
+ in the ResetImageProfileIterator function in MagickCore/profile.c
+ because of missing checks in the ReadDDSImage function in
+ coders/dds.c.</li>
+ <li>CVE-2017-9142: A crafted file could trigger an assertion failure
+ in the WriteBlob function in MagickCore/blob.c because of missing
+ checks in the ReadOneJNGImage function in coders/png.c.</li>
+ <li>CVE-2017-9143: ReadARTImage function in coders/art.c allows
+ attackers to cause a denial of service (memory leak) via a crafted
+ .art file.</li>
+ <li>CVE-2017-9144: A crafted RLE image can trigger a crash because
+ of incorrect EOF handling in coders/rle.c.</li>
+ </ul>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>https://nvd.nist.gov/vuln/search/results?query=ImageMagick</url>
+ <cvename>CVE-2017-5506</cvename>
+ <cvename>CVE-2017-5507</cvename>
+ <cvename>CVE-2017-5508</cvename>
+ <cvename>CVE-2017-5509</cvename>
+ <cvename>CVE-2017-5510</cvename>
+ <cvename>CVE-2017-5511</cvename>
+ <cvename>CVE-2017-6497</cvename>
+ <cvename>CVE-2017-6498</cvename>
+ <cvename>CVE-2017-6499</cvename>
+ <cvename>CVE-2017-6500</cvename>
+ <cvename>CVE-2017-6501</cvename>
+ <cvename>CVE-2017-6502</cvename>
+ <cvename>CVE-2017-7275</cvename>
+ <cvename>CVE-2017-7606</cvename>
+ <cvename>CVE-2017-7619</cvename>
+ <cvename>CVE-2017-7941</cvename>
+ <cvename>CVE-2017-7942</cvename>
+ <cvename>CVE-2017-7943</cvename>
+ <cvename>CVE-2017-8343</cvename>
+ <cvename>CVE-2017-8344</cvename>
+ <cvename>CVE-2017-8345</cvename>
+ <cvename>CVE-2017-8346</cvename>
+ <cvename>CVE-2017-8347</cvename>
+ <cvename>CVE-2017-8348</cvename>
+ <cvename>CVE-2017-8349</cvename>
+ <cvename>CVE-2017-8350</cvename>
+ <cvename>CVE-2017-8351</cvename>
+ <cvename>CVE-2017-8352</cvename>
+ <cvename>CVE-2017-8353</cvename>
+ <cvename>CVE-2017-8354</cvename>
+ <cvename>CVE-2017-8355</cvename>
+ <cvename>CVE-2017-8356</cvename>
+ <cvename>CVE-2017-8357</cvename>
+ <cvename>CVE-2017-8365</cvename>
+ <cvename>CVE-2017-8830</cvename>
+ <cvename>CVE-2017-9141</cvename>
+ <cvename>CVE-2017-9142</cvename>
+ <cvename>CVE-2017-9143</cvename>
+ <cvename>CVE-2017-9144</cvename>
+ </references>
+ <dates>
+ <discovery>2017-03-05</discovery>
+ <entry>2017-05-25</entry>
+ </dates>
+ </vuln>
+
<vuln vid="6f4d96c0-4062-11e7-b291-b499baebfeaf">
<topic>samba -- remote code execution vulnerability</topic>
<affects>
More information about the svn-ports-all
mailing list