Download
| Alert*
oval:org.secpod.oval:def:2101500
A use-after-free in RenderFreetype in MagickCore/annotate.c in ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a crafted font file, because the FT_Done_Glyph function (from FreeType 2) is called at an incorrect place in the ImageMagick code. oval:org.secpod.oval:def:89043894 This update for ImageMagick fixes several issues. These security issues were fixed: - CVE-2017-14343: Fixed a memory leak vulnerability in ReadXCFImage in coders/xcf.c via a crafted xcf image file . - CVE-2017-12691: The ReadOneLayer function in coders/xcf.c allowed remote attackers to cause a denia ... oval:org.secpod.oval:def:1000681 The remote host is missing a patch 136882-08 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:89002527 This update for ImageMagick fixes the following issues: - security update : * CVE-2017-14343: Memory leak vulnerability in ReadXCFImage could lead to denial of service via a crafted file. CVE-2017-12691: The ReadOneLayer function in coders/xcf.c allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:51056 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:704122 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. |